fixes #14000 - respect custom controller permissions

[domcleal]

Allows controller_permission method to override the permission suffix
used in resource_scope, originally from a63aa7c and removed in bb39df2.

[ShimShtein]

👍 Sounds like a missing extension point.

I wonder what is so special in config templates, since it is the only place that actually needs it...

[domcleal]

The config_templates controller manages the ProvisioningTemplate model, so permissions all have _provisioning_template suffixes rather than being named after the controller. The main controller for the model is provisioning_templates, but this one still exists for API v2 compatibility after the model was renamed.

[iNecas]

👍

[dLobatog]

Merged as f05b930, thanks @domcleal!

[mrcamp]

Which Foreman version is this fix included in? I'm on 1.11.3 and am getting the same problem when using apipie-bindings:

I, [2016-08-04T09:21:08.100588 #83995] INFO : Server: https://myforemanserver.net I, [2016-08-04T09:21:08.100617 #83995] INFO : GET /api/config_templates/83 D, [2016-08-04T09:21:08.364572 #83995] DEBUG : 404 Resource Not Found {"message"=>"Resource config_template not found by id '83'"}

Querying the same URL with curl and the browser works correctly, and querying any other resource with a specific ID works correctly everywhere.

[domcleal]

It was in 1.11.0-RC2. I'd suggest debugging it from the server side and filing a bug in Redmine if an issue remains.