You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
A set of built in and custom user roles cannot be saved because they are in an invalid state.
As part of 2019.x we split the permissions into system and space level. We made a mistake and left a set of permissions classified as mixed scope when they are only space level.
What I expected to happen
Should be able to modify UserRoles.
Steps to reproduce
Go to an affected UserRole
Make a change and attempt to save
It will error with "The following are not valid system permissions"
Screen capture
Log exerpt
The following are not valid system permissions
Affected versions
Octopus Server: 2019.x
Workarounds
Using the OctopusClient you can clean up these roles before a patch is released (here is some LinqPad code):
var apiKey = "API-YOURKEY"; //create an API with sufficient permissions ideally an admin, it can be revoked after this is run
var octopusServer = new Octopus.Client.OctopusServerEndpoint("http://YOUR.OCTOPUS.INSTALL", apiKey);
var repo = new Octopus.Client.OctopusRepository(octopusServer);
var roles = repo.UserRoles.FindAll();
var removeThesePermissions = new List<Permission> { Permission.SubscriptionView, Permission.SubscriptionEdit, Permission.SubscriptionCreate, Permission.SubscriptionDelete};
foreach(var r in roles)
{
if (removeThesePermissions.Any(p => r.GrantedSystemPermissions.Contains(p)))
{
$"found {r.Name} in a bad state, with these permissions:".Dump();
r.GrantedSystemPermissions.Dump();
// cleanup
r.GrantedSystemPermissions = r.GrantedSystemPermissions.Except(removeThesePermissions).ToList();
"what it looks like after".Dump();
r.GrantedSystemPermissions.Dump();
"persisting change...".Dump();
repo.UserRoles.Modify(r);
}
}
This thread has been automatically locked since there has not been any recent activity after it was closed. If you think you've found a related issue, please contact our support team so we can triage your issue, and make sure it's handled appropriately.
lockbot
locked as resolved and limited conversation to collaborators
Jul 31, 2019
Sign up for freeto subscribe to this conversation on GitHub.
Already have an account?
Sign in.
The bug
A set of built in and custom user roles cannot be saved because they are in an invalid state.
As part of 2019.x we split the permissions into system and space level. We made a mistake and left a set of permissions classified as mixed scope when they are only space level.
What I expected to happen
Should be able to modify UserRoles.
Steps to reproduce
Screen capture
Log exerpt
Affected versions
Octopus Server: 2019.x
Workarounds
Using the OctopusClient you can clean up these roles before a patch is released (here is some LinqPad code):
Links
The text was updated successfully, but these errors were encountered: