RBAC for User model regard to allowed role

[lpichler]

follow up for #13689

Hide users with role which is disallowed for logged user's role. (according to this array )

@miq-bot add_label core, rbac, bug, fine/yes

@miq-bot assign @gtanzillo

[miq-bot]

Checked commits lpichler/manageiq@6a795af~...0481589 with ruby 2.2.6, rubocop 0.47.1, and haml-lint 0.20.0
3 files checked, 0 offenses detected
Everything looks good. 🍰

[lpichler]

cc @isimluk

[isimluk]

👍

Except I don't like the disallowed_roles that returns nil or false or list of disallowed roles.

Could you please consider a follow-up for disallowed_roles to always return list (i.e. empty list instead of nil and false)?

Thanks!

[isimluk]

I think we will need a bugzilla if we want fine/yes at this point.

[lpichler]

@isimluk yes sure in follow up 📝 PR, thanks!

[gtanzillo]

👍

[lpichler]

https://bugzilla.redhat.com/show_bug.cgi?id=1447370

[simaishi]

Added blocker label, as blocker PRs #14901 and #14903 depend on this PR.

Fine backport details:

$ git log -1
commit 7d6e53feb92e7653e735ce8cc1c1e3667ac5b476
Author: Šimon Lukašík <isimluk@fedoraproject.org>
Date:   Tue May 2 14:03:38 2017 +0200

    Merge pull request #14898 from lpichler/rbac_for_user_model_by_role
    
    RBAC for User model regard to allowed role
    (cherry picked from commit 5697c1c4d19c057fa0dbc55b82b83d25b9f17a42)
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1447373

[lpichler]

@miq-bot add_label euwe/yes

[lpichler]

all related PRs:

#14898
#14901
#14903

[simaishi]

Euwe backport details:

$ git log -1
commit b18f9982c9d07bec923f2e86823032ccc33b1cf1
Author: Šimon Lukašík <isimluk@fedoraproject.org>
Date:   Tue May 2 14:03:38 2017 +0200

    Merge pull request #14898 from lpichler/rbac_for_user_model_by_role
    
    RBAC for User model regard to allowed role
    (cherry picked from commit 5697c1c4d19c057fa0dbc55b82b83d25b9f17a42)
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1460979