Permmission problem on Devices

5 posts / 0 new
Last post
Juacom99
Juacom99's picture
Offline
Last seen: 1 week 3 hours ago
Joined: 04/19/2017 - 10:04
Posts: 4
Permmission problem on Devices

Hi

I got a big problem i hope you can help me.

I was trying to make some user not to see the full event list  so accidently i went to manage the Devices and remove the view permision without noticin that i remove the permision also from the manager rol.

Now when i go to manage screen and click on devices i'm ask to login again, i try every user in with the manage rol and it didn't work.

I even try to restore the permision with zendmd , but i wasn't able to make the rigth script for the job.

Does anybody knows what i can do to solve this

 

Thanks in advance

 

 

Jcurry
Jcurry's picture
Offline
Last seen: 3 days 7 hours ago
Joined: 01/02/2014 - 13:04
Posts: 407
Not sure what you did here? 

Not sure what you did here?  Can you give the menu path you took to remove the permissions?

 

Can you do anything from the url <your normal Zenoss>/zport/manage_access ??  Take care - you can mess things up further using this! 

Cheers,

Jane

 

Juacom99
Juacom99's picture
Offline
Last seen: 1 week 3 hours ago
Joined: 04/19/2017 - 10:04
Posts: 4
Thanks you jane for you quick

Thanks you jane for you quick anwser.

I back up the machine and give the manager rol all the permissions that there is to give and i still geting the same behavior.

 

Cheers

Juacom99
Juacom99's picture
Offline
Last seen: 1 week 3 hours ago
Joined: 04/19/2017 - 10:04
Posts: 4
Jane:

Jane:

I was trying to look a little more into this and testing some commands son my zendmd i found this:

 

dmd.Devices.manage_getUserRolesAndPermissions("admin")   returns 

{'user_defined_in': '/acl_users', 'allowed_permissions': ['Access Transient Objects', 'Access arbitrary user session data', 'Access contents information', 'Access future portal content', 'Access inactive portal content', 'Access session data', 'Add Accelerated HTTP Cache Managers', 'Add BTreeFolder2s', 'Add Browser Id Manager', 'Add CMF Caching Policy Managers', 'Add CMF Core Tools', 'Add Content Type Registrys', 'Add Cookie Crumblers', 'Add DMD Objects', 'Add Database Methods', 'Add Documents, Images, and Files', 'Add External Methods', 'Add Filesystem Directory Views', 'Add Folders', 'Add Generic Setup Tools', 'Add MailHost objects', 'Add OFolders', 'Add Page Templates', 'Add Pluggable Index', 'Add Plugin Registrys', 'Add Python Scripts', 'Add RAM Cache Managers', 'Add ReStructuredText Documents', 'Add Relationship Managers', 'Add Session Data Manager', 'Add Site Roots', 'Add Temporary Folder', 'Add ToManyContRelationships', 'Add ToManyRelationships', 'Add ToOneRelationships', 'Add Transient Object Container', 'Add User Folders', 'Add Virtual Host Monsters', 'Add Vocabularies', 'Add ZCatalogs', 'Add ZODB Mount Points', 'Add ZenTableManager', 'Add portal content', 'Add portal folders', 'Add portal member', 'Admin Device', 'Administrators Edit', 'Administrators View', 'Change Admin Objects', 'Change Alerting Rules', 'Change Browser Id Manager', 'Change DTML Documents', 'Change DTML Methods', 'Change Database Methods', 'Change Device', 'Change Device Production State', 'Change Event Views', 'Change External Methods', 'Change Images and Files', 'Change Lock Information', 'Change Network', 'Change Page Templates', 'Change Python Scripts', 'Change Session Data Manager', 'Change Settings', 'Change bindings', 'Change cache managers', 'Change cache settings', 'Change configuration', 'Change local roles', 'Change permissions', 'Change proxy roles', 'Copy or Move', 'Create Transient Objects', 'Define Commands Edit', 'Define Commands View', 'Define permissions', 'Delete Device', 'Delete objects', 'Edit Local Templates', 'Edit ReStructuredText', 'Edit User Groups', 'Edit Users', 'FTP access', 'GenSummary', 'Import/Export objects', 'List folder contents', 'List portal members', 'List undoable changes', 'Log Site Errors', 'Log to the Event Log', 'Mail forgotten password', 'Maintenance Windows Edit', 'Maintenance Windows View', 'ManagableIndex: manage', 'Manage Access Rules', 'Manage DMD', 'Manage Device', 'Manage Device Status', 'Manage EventManager', 'Manage Events', 'Manage Five local sites', 'Manage Groups', 'Manage Notification Subscriptions', 'Manage Relations', 'Manage Site', 'Manage Transient Object Container', 'Manage Trigger', 'Manage Vocabulary', 'Manage WebDAV Locks', 'Manage ZCatalog Entries', 'Manage ZCatalogIndex Entries', 'Manage portal', 'Manage properties', 'Manage users', 'Modify Cookie Crumblers', 'Modify portal content', 'Open/Close Database Connections', 'Private, only accessible from trusted code', 'Public, everyone can access', 'Query Vocabulary', 'Reply to item', 'Request review', 'Review portal content', 'Run Commands', 'Search ZCatalog', 'Search for principals', 'Send Events', 'Set own password', 'Set own properties', 'Take ownership', 'Undo changes', 'Update Notification', 'Update Trigger', 'Use Database Methods', 'Use mailhost services', 'View management screens', 'WebDAV Lock items', 'WebDAV Unlock items', 'WebDAV access', 'ZenCommon', 'ZenUpdate', 'zProperties Edit', 'zProperties View'], 'roles_in_context': ['Authenticated', 'Manager'], 'disallowed_permissions': ['View', 'View History', 'View Notification', 'View Trigger'], 'roles': ['Authenticated', 'Manager']}
 

by the disallowed_permissions section i'm guessing i don't have the permission so view the Devices.

 

i try this:

d.manage_permission("View","admin",True)
d.manage_permission("View History","admin",True)
d.manage_permission("View Notification","admin",True)
d.manage_permission("View Trigger","admin",True)

 

but when i close the zendmd and open it again the changes are gonne

 

Any idea on how to persist this changes?

 

Cheers

Juacom99
Juacom99's picture
Offline
Last seen: 1 week 3 hours ago
Joined: 04/19/2017 - 10:04
Posts: 4
never mind i was able to fix

never mind i was able to fix it.

i was missing a commit() after the manage_permission

 

Thanks

Log in to post comments