There is no validation for PUT on update roles volume-mapping data

Bug #1467097 reported by Tatyanka
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Fuel for OpenStack
Fix Released
Medium
Unassigned
6.1.x
Won't Fix
Medium
MOS Maintenance
7.0.x
Fix Released
Medium
Unassigned

Bug Description

Problem:
There is no any validation for put operation to update role volume mapping. It is leads to broken disk conf in UI:

Remote Address:[::1]:8999
Request URL:http://localhost:8999/api/nodes/16/volumes?_=1434802157662
Request Method:GET
Status Code:500 Internal Server Error

list index out of range

[7fb84763f740] (node) Traceback (most recent call last):
  File "/usr/lib/python2.6/site-packages/nailgun/objects/node.py", line 314, in update_volumes
    attrs.volumes = instance.volume_manager.gen_volumes_info()
  File "/usr/lib/python2.6/site-packages/nailgun/db/sqlalchemy/models/node.py", line 167, in volume_manager
    return VolumeManager(self)
  File "/usr/lib/python2.6/site-packages/nailgun/volumes/manager.py", line 589, in __init__
    self.allowed_volumes = get_node_spaces(node)
  File "/usr/lib/python2.6/site-packages/nailgun/volumes/manager.py", line 133, in get_node_spaces
    space = find_space_by_id(all_spaces, volume['id'])
  File "/usr/lib/python2.6/site-packages/nailgun/volumes/manager.py", line 72, in find_space_by_id
    return filter(lambda space: space.get('id') == space_id, spaces)[0]
IndexError: list index out of range

Steps to reproduce:

Over fuel cli:
Setup master node
SSH to the master node
Download to file controller role with command:
fuel role --rel 2 --role controller --file controller.yaml
Modify created file: change "id" value at the "volumes_roles_mapping" to something incorrect, for ex.: "id: blabla"
Save file and upload it to the nailgun with:
fuel role --rel 2 --role controller --update --file contr.yaml

Over Api:
curl -s -H "X-Auth-Token:"$token http://10.109.0.2:8000/api/releases/1/roles/controller| python -m json.tool >> controller.json
curl -s -X PUT -H "X-Auth-Token:"$token http://10.109.0.2:8000/api/releases/1/roles/controller -d @controller_new.json

Expected Result:
400 bad request

[root@nailgun ~]# cat /etc/fuel/version.yaml
VERSION:
  feature_groups:
    - mirantis
  production: "docker"
  release: "6.1"
  openstack_version: "2014.2.2-6.1"
  api: "1.0"
  build_number: "525"
  build_id: "2015-06-19_13-02-31"
  nailgun_sha: "dbd54158812033dd8cfd7e60c3f6650f18013a37"
  python-fuelclient_sha: "4fc55db0265bbf39c369df398b9dc7d6469ba13b"
  astute_sha: "1ea8017fe8889413706d543a5b9f557f5414beae"
  fuel-library_sha: "2e7a08ad9792c700ebf08ce87f4867df36aa9fab"
  fuel-ostf_sha: "8fefcf7c4649370f00847cc309c24f0b62de718d"
  fuelmain_sha: "a3998372183468f56019c8ce21aa8bb81fee0c2f"
[root@nailgun ~]#

tags: added: module-nailgun
Revision history for this message
deactivateduser (deactivateduser-deactivatedaccount) wrote :
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on fuel-web (master)

Change abandoned by Ivan Kliuk (<email address hidden>) on branch: master
Review: https://review.openstack.org/193812
Reason: The change is outdated.

tags: added: tech-debt
Changed in fuel:
status: Confirmed → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to fuel-web (master)

Reviewed: https://review.openstack.org/193812
Committed: https://git.openstack.org/cgit/stackforge/fuel-web/commit/?id=4e5e889f82e6710e56803cd934a9a93f3859d3ca
Submitter: Jenkins
Branch: master

commit 4e5e889f82e6710e56803cd934a9a93f3859d3ca
Author: Ivan Kliuk <email address hidden>
Date: Sat Jun 20 17:55:19 2015 +0300

    Validation of id values for volumes_roles_mapping

      Any string can be set as 'id' in 'volumes_roles_mapping' and validation of
      node's role on PUT-request passes without an error.

    * Add an additional validation step into 'RoleValidator.validate_update'.
    * Add unit tests for node roles validation.

    Change-Id: I2f199f742931c582eb6ea35a3030d470724864c0
    Closes-Bug: #1467097

Changed in fuel:
status: In Progress → Fix Committed
Revision history for this message
Vitaly Sedelnik (vsedelnik) wrote :

Won't Fix for 6.1-updates because of Medium importance

Revision history for this message
Ksenia Svechnikova (kdemina) wrote :

Verify with MOS 7.0, build 301:

1. fuel role --rel 2 --role controller --file controller.yaml
Role successfully saved to controller.yaml.
 2. vim controller.yaml # Change id of "volumes_roles_mapping" to the blababla
3. fuel role --rel 2 --role controller --file controller.yaml --update
400 Client Error: Bad Request (Wrong data in volumes_roles_mapping. Volumes with ids [u'blablabla'] are not in the list of allowed volumes [u'os', u'logs', u'mongo', u'ceph', u'cephjournal', u'mysql', u'vm', u'image', u'cinder'])

Changed in fuel:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.