I'm unable to 'release' a machine that was deployed by another, non-RBAC/Candid user.
What I did was:
1. I had a running MAAS
2. Deployed a machine w/ a KVM host as 'admin' user.
3. I configured MAAS with RBAC, with a 'user1' ('admin' user doesn't exist in RBAC).
4. I assigned 'user1' as the admin role for all scopes.
5. Deleted the pod/KVM host successfully as 'user1'
6. Attempted to release the machine as 'user1', it failed:
2018-12-11 19:52:04 regiond: [info] 10.90.90.4 GET /MAAS/rpc/ HTTP/1.1 --> 200 OK (referrer: -; agent: provisioningserver.rpc.clusterservice.ClusterClientService)
2018-12-11 19:52:12 maasserver.websockets.protocol: [critical] Error on request (278) machine.action: 'view'
Traceback (most recent call last):
File "/usr/lib/python3.6/threading.py", line 864, in run
self._target(*self._args, **self._kwargs)
File "/usr/lib/python3/dist-packages/provisioningserver/utils/twisted.py", line 852, in worker
return target()
File "/usr/lib/python3/dist-packages/twisted/_threads/_threadworker.py", line 46, in work
task()
File "/usr/lib/python3/dist-packages/twisted/_threads/_team.py", line 190, in doWork
task()
--- <exception caught here> ---
File "/usr/lib/python3/dist-packages/twisted/python/threadpool.py", line 250, in inContext
result = inContext.theWork()
File "/usr/lib/python3/dist-packages/twisted/python/threadpool.py", line 266, in <lambda>
inContext.theWork = lambda: context.call(ctx, func, *args, **kw)
File "/usr/lib/python3/dist-packages/twisted/python/context.py", line 122, in callWithContext
return self.currentContext().callWithContext(ctx, func, *args, **kw)
File "/usr/lib/python3/dist-packages/twisted/python/context.py", line 85, in callWithContext
return func(*args,**kw)
File "/usr/lib/python3/dist-packages/provisioningserver/utils/twisted.py", line 885, in callInContext
return func(*args, **kwargs)
File "/usr/lib/python3/dist-packages/provisioningserver/utils/twisted.py", line 234, in wrapper
result = func(*args, **kwargs)
File "/usr/lib/python3/dist-packages/maasserver/utils/orm.py", line 756, in call_within_transaction
return func_outside_txn(*args, **kwargs)
File "/usr/lib/python3/dist-packages/maasserver/utils/orm.py", line 563, in retrier
return func(*args, **kwargs)
File "/usr/lib/python3.6/contextlib.py", line 52, in inner
return func(*args, **kwds)
File "/usr/lib/python3/dist-packages/maasserver/websockets/base.py", line 386, in prep_user_execute
return method(params)
File "/usr/lib/python3/dist-packages/maasserver/websockets/handlers/machine.py", line 769, in action
return action.execute(**extra_params)
File "/usr/lib/python3/dist-packages/maasserver/node_action.py", line 170, in execute
self._execute(*args, **kwargs)
File "/usr/lib/python3/dist-packages/maasserver/node_action.py", line 609, in _execute
secure_erase=secure_erase, quick_erase=quick_erase)
File "/usr/lib/python3/dist-packages/maasserver/models/node.py", line 3008, in release_or_erase
self.release(user, comment)
File "/usr/lib/python3/dist-packages/maasserver/models/node.py", line 2902, in release
self._release(user)
File "/usr/lib/python3/dist-packages/maasserver/models/node.py", line 2918, in _release
stopping = self._stop(self.owner)
File "/usr/lib/python3/dist-packages/maasserver/utils/orm.py", line 740, in call_within_transaction
return func_within_txn(*args, **kwargs)
File "/usr/lib/python3.6/contextlib.py", line 52, in inner
return func(*args, **kwds)
File "/usr/lib/python3/dist-packages/maasserver/models/node.py", line 4047, in _stop
if user is not None and not user.has_perm(NodePermission.edit, self):
File "/usr/lib/python3/dist-packages/maasserver/models/__init__.py", line 235, in has_perm
return _user_has_perm(self, perm, obj)
File "/usr/lib/python3/dist-packages/django/contrib/auth/models.py", line 190, in _user_has_perm
if backend.has_perm(user, perm, obj):
File "/usr/lib/python3/dist-packages/maasserver/models/__init__.py", line 356, in has_perm
'view', 'view-all', 'deploy-machines', 'admin-machines')
File "/usr/lib/python3/dist-packages/maasserver/rbac.py", line 306, in get_resource_pool_ids
user, *permissions)
File "/usr/lib/python3/dist-packages/maasserver/rbac.py", line 351, in _get_resource_pool_identifiers
identifiers = fetched[permission]
builtins.KeyError: 'view'
This is not fixed, after upgrading to the latest changes, I see the following issue:
==> /var/log/ maas/regiond. log <== websockets. protocol: [critical] Error on request (149) machine.action: python3. 6/threading. py", line 864, in run
self. _target( *self._ args, **self._kwargs) python3/ dist-packages/ provisioningser ver/utils/ twisted. py", line 852, in worker python3/ dist-packages/ twisted/ _threads/ _threadworker. py", line 46, in work python3/ dist-packages/ twisted/ _threads/ _team.py" , line 190, in doWork python3/ dist-packages/ twisted/ python/ threadpool. py", line 250, in inContext python3/ dist-packages/ twisted/ python/ threadpool. py", line 266, in <lambda>
inContext. theWork = lambda: context.call(ctx, func, *args, **kw) python3/ dist-packages/ twisted/ python/ context. py", line 122, in callWithContext text(). callWithContext (ctx, func, *args, **kw) python3/ dist-packages/ twisted/ python/ context. py", line 85, in callWithContext python3/ dist-packages/ provisioningser ver/utils/ twisted. py", line 885, in callInContext python3/ dist-packages/ provisioningser ver/utils/ twisted. py", line 234, in wrapper python3/ dist-packages/ maasserver/ utils/orm. py", line 756, in call_within_ transaction txn(*args, **kwargs) python3/ dist-packages/ maasserver/ utils/orm. py", line 563, in retrier python3. 6/contextlib. py", line 52, in inner python3/ dist-packages/ maasserver/ websockets/ base.py" , line 386, in prep_user_execute python3/ dist-packages/ maasserver/ websockets/ handlers/ machine. py", line 769, in action execute( **extra_ params) python3/ dist-packages/ maasserver/ node_action. py", line 170, in execute
self. _execute( *args, **kwargs) python3/ dist-packages/ maasserver/ node_action. py", line 609, in _execute
secure_ erase=secure_ erase, quick_erase= quick_erase) python3/ dist-packages/ maasserver/ models/ node.py" , line 3008, in release_or_erase
self. release( user, comment) python3/ dist-packages/ maasserver/ models/ node.py" , line 2902, in release
self. _release( user) python3/ dist-packages/ maasserver/ models/ node.py" , line 2918, in _release
stopping = self._stop( self.owner) python3/ ...
2018-12-12 03:37:15 maasserver.
Traceback (most recent call last):
File "/usr/lib/
File "/usr/lib/
return target()
File "/usr/lib/
task()
File "/usr/lib/
task()
--- <exception caught here> ---
File "/usr/lib/
result = inContext.theWork()
File "/usr/lib/
File "/usr/lib/
return self.currentCon
File "/usr/lib/
return func(*args,**kw)
File "/usr/lib/
return func(*args, **kwargs)
File "/usr/lib/
result = func(*args, **kwargs)
File "/usr/lib/
return func_outside_
File "/usr/lib/
return func(*args, **kwargs)
File "/usr/lib/
return func(*args, **kwds)
File "/usr/lib/
return method(params)
File "/usr/lib/
return action.
File "/usr/lib/
File "/usr/lib/
File "/usr/lib/
File "/usr/lib/
File "/usr/lib/
File "/usr/lib/