Non-full-admins can't download scheduled replication logs

Description

occurred when a non-full-admin user attempted to download the logs of replication.run

This replication.run was called by an internal zettarepl scheduler and thus is an internally ran job. Non-full-admins can only download the logs of the jobs they started themselves.

If we take no action, an attempt of a non-full-admin user to download the logs of an automatically ran replication will show Only users with full administrative privileges can download internal job logs.

I suppose, the same issue will happen with scheduled cloud syncs and cloud backups (they are started by root user through cron+midcli).

Proposed solution: mark some jobs as “if user has any of these privileges, they can see this job in core.get_jobs and download its logs“. I.e.

@job(read_privileges=['REPLICATION_READ'])

Problem/Justification

None

Impact

None

Activity

Show:

Bug Clerk October 31, 2024 at 10:36 AM

This issue has now been closed. Comments made after this point may not be viewed by the TrueNAS Teams. Please open a new issue if you have found a problem or need to re-engage with the TrueNAS Engineering Teams.

Bug Clerk October 31, 2024 at 9:51 AM

24.10.1 PR: https://github.com/truenas/middleware/pull/14826

Bug Clerk October 30, 2024 at 1:14 PM

25.04 PR: https://github.com/truenas/middleware/pull/14814

Bug Clerk October 28, 2024 at 6:55 AM

Thank you for submitting this TrueNAS Bug Report! So that we can quickly investigate your issue, please attach a Debug file and any other information related to this issue through our secure and private upload service below. Debug files can be generated in the UI by navigating to System -> Advanced -> Save Debug.

https://ixsystems.atlassian.net/servicedesk/customer/portal/15/group/37/create/153

Complete

Details
Assignee
Vladimir Vinogradenko
Reporter
Vladimir Vinogradenko
Labels
Original estimate
0m
Time remaining
0m
Components
Fix versions
SCALE-25.04-ALPHA.1 (Fangtooth)
SCALE-24.10.1 (ElectricEel)
Affects versions
SCALE-24.10.0 (ElectricEel)
Priority
High

Katalon Platform

Created October 28, 2024 at 6:55 AM

Updated October 31, 2024 at 10:36 AM

Resolved October 31, 2024 at 10:36 AM

Non-full-admins can't download scheduled replication logs

Description

Problem/Justification

Impact

Activity

Bug Clerk October 31, 2024 at 10:36 AM

Bug Clerk October 31, 2024 at 9:51 AM

Bug Clerk October 30, 2024 at 1:14 PM

Bug Clerk October 28, 2024 at 6:55 AM

DetailsAssigneeVladimir VinogradenkoVladimir VinogradenkoReporterVladimir VinogradenkoVladimir VinogradenkoLabelsIX_EMPLOYEEOriginal estimate0mTime remaining0mComponentsFix versionsSCALE-25.04-ALPHA.1 (Fangtooth)SCALE-24.10.1 (ElectricEel)Affects versionsSCALE-24.10.0 (ElectricEel)PriorityHigh

Details

Assignee

Reporter

Labels

Original estimate

Time remaining

Components

Fix versions

Affects versions

Priority

Katalon PlatformLinked Test Cases, Katalon Defect Results, Katalon Studio Test Results

Katalon Platform

Details
Assignee
Vladimir Vinogradenko
Reporter
Vladimir Vinogradenko
Labels
Original estimate
0m
Time remaining
0m
Components
Fix versions
SCALE-25.04-ALPHA.1 (Fangtooth)
SCALE-24.10.1 (ElectricEel)
Affects versions
SCALE-24.10.0 (ElectricEel)
Priority
High

Katalon Platform