Open anxstj opened 4 years ago
I suspect this may be a duplicate of https://github.com/ansible/awx/issues/9297
Could you test with https://github.com/ansible/awx/pull/10372 and see if that fixes it?
thanks!
Hi @AlanCoding,
no, this does not fix the problem. Tested with AWX 15.0.1 and awxkit 19.2.0
This is not a UI bug, creating the inventory source via UI with the same user works. It's just the awx cli command which fails.
But the problem could be something else, thanks for testing it.
Hi All,
I have also encountered a potential awxkit permission issue regarding inventory modifies. The behavior is identical for the tested awxkit versions 21.10.1 and 19.4.0.
The execution of the command below with the token of a global system administrator returns the help page containing valid arguments. By adding the described cli arguments, it executes the command properly.
awx -f human --conf.host https://awx.example.com --conf.token mytoken inventory modify 5 -h
# usage: awx inventory modify [-h] [--name TEXT] [--description TEXT] [--organization ID] [--kind {,smart}] [--host_filter TEXT] [--variables JSON/YAML] [--insights_credential ID] id
# positional arguments:
# id the ID (or unique name) of the resource
# optional arguments:
# -h, --help show this help message and exit
# --name TEXT Name of this inventory.
# --description TEXT Optional description of this inventory.
# --organization ID Organization containing this inventory.
# --kind {,smart} Kind of inventory being represented.
# --host_filter TEXT Filter that will be applied to the hosts of this inventory.
# --variables JSON/YAML
# Inventory variables in JSON or YAML format. You can optionally specify a file path e.g., @path/to/file.yml
# --insights_credential ID
# Credentials to be used by hosts belonging to this inventory when accessing Red Hat Insights API.
awx -f human --conf.host https://awx.example.com --conf.token mytoken inventory modify 5 --variables "{}"
#id name
#== =================
#5 example-inventory
However, the execution of the same commands with the authentication token of a user that has "ADMIN" permissions on the inventory base returns the general help page. The user is able to modify the inventory correctly via REST API (tested with curl and the awx api browser) and UI.
awx -f human --conf.host https://awx.example.com --conf.token mytoken2 inventory modify 5 --variables "{}"
#usage: awx inventory modify [-h] id
#positional arguments:
# id the ID (or unique name) of the resource
#optional arguments:
# -h, --help show this help message and exit
are there have something we do?
@AlanCoding the same problem is present. at awx-on-k3s, version 22.7.0, I will work round by api call.. awx-cli version: 3.8.6 I find all resources'create function is dont present.. it's a problem in build-in awx-clli. I think. if you have empty time,pelase check this
ISSUE TYPE
SUMMARY
If users have Inventory Admin permissions, then they are not allowed to create inventory sources.
ENVIRONMENT
STEPS TO REPRODUCE
EXPECTED RESULTS
ACTUAL RESULTS
ADDITIONAL INFORMATION
Assigning OrgAdmin permissions to the user helps, but this shouldn't be necessary.