0000704: When updating from 15.2, the bareos-dir webui profile does not allow all required commands for the webui

ID	Project	Category	View Status	Date Submitted	Last Update

0000704	bareos-core	webui	public	2016-10-05 12:45	2017-06-08 16:14

Reporter	joergs	Assigned To
Priority	normal	Severity	major	Reproducibility	always
Status	closed	Resolution	fixed
Product Version	16.2.4
Fixed in Version	16.2.4

Summary	0000704: When updating from 15.2, the bareos-dir webui profile does not allow all required commands for the webui
Description	The bareos-dir webui profile, that comes with bareos-15.2 (https://github.com/bareos/bareos-webui/blob/bareos-15.2/install/bareos/webui-profiles.conf) only allow a subset of commands required for bareos-webui 16.2. Moreover, the CommandACL .bvfs_* is no proper regex and therefore not longer valid. It should be .bvfs_.*
Steps To Reproduce	Install bareos-15.2, including the bareos-webui. Add the bareos-16.2 repository (or nightly) and update to bareos >= 16.2.0. While it initially looks as if bareos-webui is working, the pages (especially the restore browser) show no information.
Additional Information	Fix (for bareos-15.2 default installation and update to bareos-16.2, without migrating the configuration to Subdirectory Configuration Scheme): In /etc/bareos/bareos-dir.conf replace @/etc/bareos/bareos-dir.d/webui-profiles.conf by @/etc/bareos/bareos-dir.d/profile/webui-admin.conf
Tags	No tags attached.

joergs 2016-10-05 13:05 developer ~0002374	A good automatic fix for this is not easily possible. However, this behaviour must be mentioned in the Bareos release notes. Moreover, the bareos-webui could be extended to check if it has permission to execute all required commands. If some permission is missing, this functionality can be hidden from the webui and a hint presented to the user.

frank 2016-10-13 17:15 developer ~0002391	A new controller plugin has been added, to validate each controller action if all required commands to run the module properly are given in the used Console/Profile Command ACL. Additionally a new view helper has been introduced to centralize the ACL alert message which is displayed when the given Command ACL does not fit the requirements. See: https://github.com/bareos/bareos-webui/commit/00439f575f7dad4d425a30ef559b66e27df9c5d8 Also upgrading webui from 15.2 to 16.2 and the differences between such versions regarding the Command ACL have been documented in the official bareos documentation.

Date Modified	Username	Field	Change
2016-10-05 12:45	joergs	New Issue
2016-10-05 12:45	joergs	Status	new => assigned
2016-10-05 12:45	joergs	Assigned To	=> frank
2016-10-05 13:05	joergs	Note Added: 0002374
2016-10-05 13:06	joergs	Relationship added	child of 0000698
2016-10-13 17:15	frank	Note Added: 0002391
2016-10-13 17:17	frank	Status	assigned => resolved
2016-10-13 17:17	frank	Fixed in Version	=> 16.2.4
2016-10-13 17:17	frank	Resolution	open => fixed
2016-10-13 17:21	frank	Relationship added	related to 0000706
2017-06-08 16:14	frank	Status	resolved => closed
2017-06-08 16:14	frank	Assigned To	frank =>

related to	0000706	closed		enable: is an invalid command.
child of	0000698	closed	stephand	Release bareos-16.2.4