Open nwmac opened 4 months ago
Looks related to https://github.com/rancher/dashboard/issues/10215
Workaround: Create a new custom role that includes read permissions for role templates ("get", "list", "watch" on "roletemplates" in "management.cattle.io")
Backend took a look and reported:
I was able to add a project member to one of the projects through Norman. Because of this (and the note in the issue , I suspect that this is a UI issue, due to the user not being able to see RoleTemplates. Similar to what was described in the issue, when I added the "Manage Roles" global role to the user (which gives
*
on RoleTemplates), the issue somewhat resolved and I was able to at least see the buttons to add users (though the principal search functionality was also non-functional).
E2E should be able to cover it.
@richard-cox to investigate in this area some more and we can groom again.
I've added a comment in JIRA. Waiting customer feedback.
Very roughly
If the global role is the issue, it's similar to https://github.com/rancher/dashboard/issues/9804 (also https://github.com/rancher/dashboard/issues/10215) where a user with only the global user-base role and cluster-owner cluster role was expected to manage the cluster. The user-base role lacks permissions that are required
Marking this as blocked on our side (https://github.com/rancher/dashboard/issues/10787), from that the solution may not be UI related
Internal Reference: SURE-6940
I have a cluster where an admin with
Cluster Owner
entitlements is unable to manage members of projects in the same cluster.I do not even see the "Members" tab when creating/modifying a project.