Normal Title: Hide or Gray-Out Non-Accessible Namespaces in Web Console Namespace Selector
Summary of Observed Behavior:
A user with view permissions limited to a single namespace:
- Logs into the web console.
- In Developer view, sees only the permitted namespace (correct behavior).
- In Administrator view, sees all namespaces in the dropdown, but receives an access error when switching to a namespace they don’t have rights to.
is forbidden; User "<username>" cannot list resources pods in API group "" at the cluster scope"
- This is technically correct based on RBAC, but leads to confusion because the UI implies broader access than actually granted.
RFE Request:
Enhance the OpenShift Web Console to improve RBAC-aware namespace visibility. Specifically:
- Do not display namespaces for which the logged-in user has no permissions OR
- Display such namespaces in a disabled (grayed-out) state, preventing selection.
This change will provide clarity regarding access rights, reduce user confusion, and minimize related support incidents.
Business Use Case:
Many customers assign limited, namespace-specific access to users in OpenShift. However, in the Web Console (particularly in Administrator view), users can still see all namespaces in the namespace dropdown — even those for which they do not have permissions. When such a user selects a namespace they cannot access, the console displays an error.
This often leads to confusion and support cases, as users expect that if they can see a namespace, they should be allowed to access it. The current behavior results in poor user experience and unnecessary troubleshooting overhead.
