Issue #400
closedWrong response code in Grant/Revoke permissions section
Description
Description of problem:
$ curl -i -H "Accept: application/json" -H "WebFrameworkSwitch: webpy" -X POST -k -u admin:admin -d '{"operations": ["READ", "DELETE"],"login": "ina","resource": "/v2/repositories/"}' "https://localhost//pulp/api/v2/permissions/actions/revoke_from_user/"
HTTP/1.1 404 Not Found
Date: Tue, 31 Mar 2015 14:18:52 GMT
Server: Apache/2.4.10 (Fedora) OpenSSL/1.0.1e-fips mod_wsgi/3.5 Python/2.7.5
Content-Encoding: utf-8
Content-Length: 368
Content-Type: application/json
{"http_request_method": "POST", "exception": null, "error_message": "Missing resource(s): user=ina", "_href": "/pulp/api/v2/permissions/actions/revoke_from_user/", "http_status": 404, "error": {"code": "PLP0009", "data": {"resources": {"user": "ina"}}, "description": "Missing resource(s): user=ina", "sub_errors": []}, "traceback": null, "resources": {"user": "ina"}}[ipanova@ina pulp]$
Version-Release number of selected component (if applicable):
How reproducible:
Steps to Reproduce:
1.
2.
3.
Actual results:
404 response code
Expected results:
400 response code
Additional info:
+ This bug was cloned from Bugzilla Bug #1066472 +
Updated by dkliban@redhat.com about 9 years ago
https://github.com/pulp/pulp/pull/1208
+ This comment was cloned from Bugzilla #1066472 comment 1 +
Updated by ipanova@redhat.com about 9 years ago
Moving it back to assinged as it should give:
400 for invalid parameters
404 for non existent role/permission
At least pulp behavies this way(from the automation):
https://github.com/RedHatQE/pulp-automation/blob/master/tests/test_07_user_permissions.py#L64-L70
+ This comment was cloned from Bugzilla #1066472 comment 2 +
Updated by ipanova@redhat.com about 9 years ago
sorry,
404 for non existent user login/role id
+ This comment was cloned from Bugzilla #1066472 comment 3 +
Updated by bmbouter almost 9 years ago
- Category deleted (
1) - Tags Documentation added
Documentation is now a Tag not a Category.
Updated by ipanova@redhat.com almost 9 years ago
- Status changed from NEW to ASSIGNED
- Assignee set to ipanova@redhat.com
Updated by ipanova@redhat.com almost 9 years ago
- Description updated (diff)
- Severity set to 1. Low
- Tags Easy Fix added
- Tags deleted (
Documentation)
Updated by ipanova@redhat.com almost 9 years ago
- Status changed from ASSIGNED to POST
Updated by ipanova@redhat.com almost 9 years ago
- Category set to 14
- Status changed from POST to MODIFIED
- Platform Release set to master
Added by ipanova@redhat.com almost 9 years ago
Added by ipanova@redhat.com almost 9 years ago
Revision d0cc29bd | View on GitHub
Wrong response code in Grant/Revoke permissions section.
closes #400
Now with missing required params MissingValue is raised and with invalid/nonexistent param passed in the data IvalidValue is raised.
Updated by ipanova@redhat.com almost 9 years ago
- % Done changed from 0 to 100
Applied in changeset pulp|d0cc29bdb96054545e908f1cd257fc7ca3dce744.
Updated by rbarlow almost 9 years ago
- Platform Release changed from master to 2.7.0
Updated by dkliban@redhat.com almost 9 years ago
- Status changed from MODIFIED to 5
Updated by igulina@redhat.com almost 9 years ago
- Status changed from 5 to 6
400 is returned if a login doesn't exist or there is an error in ROLE
>> rpm -qa pulp-server
pulp-server-2.7.0-0.3.beta.el7.noarch
>> pulp-admin auth user create --login barabashka
Enter password for user [barabashka] :
Re-enter password for user [barabashka]:
User [barabashka] successfully created
>> curl -i -H "Accept: application/json" -H "WebFrameworkSwitch: webpy" -X POST -k -u admin:admin -d '{"operations": ["READ", "DELETE"],"login": "barabashka","resource": "/v2/repositories/"}' "https://localhost//pulp/api/v2/permissions/actions/revoke_from_user/"
HTTP/1.1 200 OK
Date: Fri, 26 Jun 2015 15:37:13 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.1e-fips mod_wsgi/3.4 Python/2.7.5
Content-Length: 4
Content-Type: application/json
null
>> curl -i -H "Accept: application/json" -H "WebFrameworkSwitch: webpy" -X POST-u admin:admin -d '{"operations": ["READ", "DELETE"],"login": "no-user","resource": "/v2/repositories/"}' "https://localhost//pulp/api/v2/permissions/actions/revoke_from_user/"
HTTP/1.1 400 BAD REQUEST
Date: Fri, 26 Jun 2015 15:39:42 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.1e-fips mod_wsgi/3.4 Python/2.7.5
Content-Encoding: utf-8
Content-Length: 394
Connection: close
Content-Type: application/json
{"http_request_method": "POST", "exception": null, "error_message": "Invalid properties: ['login']", "property_names": ["login"], "_href": "//pulp/api/v2/permissions/actions/revoke_from_user/", "http_status": 400, "error": {"code": "PLP0015", "data": {"property_names": ["login"], "properties": "['login']"}, "description": "Invalid properties: ['login']", "sub_errors": []}, "traceback": null}
>> curl -i -H "Accept: application/json" -H "WebFrameworkSwitch: webpy" -X POST -k -u admin:admin -d '{"operations": ["READ", "NOROLE"],"login": "barabashka","resource": "/v2/repositories/"}' "https://localhost//pulp/api/v2/permissions/actions/revoke_from_user/"
HTTP/1.1 400 BAD REQUEST
Date: Fri, 26 Jun 2015 15:43:32 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.1e-fips mod_wsgi/3.4 Python/2.7.5
Content-Encoding: utf-8
Content-Length: 439
Connection: close
Content-Type: application/json
{"http_request_method": "POST", "exception": null, "error_message": "Invalid properties: ['operation_name']", "property_names": ["operation_name"], "_href": "//pulp/api/v2/permissions/actions/revoke_from_user/", "http_status": 400, "error": {"code": "PLP0015", "data": {"property_names": ["operation_name"], "properties": "['operation_name']"}, "description": "Invalid properties: ['operation_name']", "sub_errors": []}, "traceback": null}
Updated by amacdona@redhat.com over 8 years ago
- Status changed from 6 to CLOSED - CURRENTRELEASE
Updated by bmbouter almost 4 years ago
- Category deleted (
14)
We are removing the 'API' category per open floor discussion June 16, 2020.
Wrong response code in Grant/Revoke permissions section.
closes #400
Now with missing required params MissingValue is raised and with invalid/nonexistent param passed in the data IvalidValue is raised.