Project

Profile

Help

Issue #4425

It's possible to create a duplicate login if name is different

Added by flamarion 9 months ago. Updated 7 months ago.

Status:
CLOSED - CURRENTRELEASE
Priority:
Normal
Assignee:
Category:
pulp-admin
Sprint/Milestone:
Start date:
Due date:
Severity:
3. High
Version:
2.18.0
Platform Release:
2.19.0
Blocks Release:
OS:
Backwards Incompatible:
No
Triaged:
Yes
Groomed:
No
Sprint Candidate:
No
Tags:
Pulp 2
QA Contact:
Complexity:
Smash Test:
Verified:
No
Verification Required:
No
Sprint:
Sprint 49

Description

Hi,

By mistake I've added two users with the same login (oddly Pulp accepted this)

pulp-admin auth user create --login fjorg1 --name anyname1
pulp-admin auth user create --login fjorg1 --name anyname2

and now when I'm trying to remove one them I'm getting the following error message:

pulp-admin auth user delete --login fjorg1
An internal error occurred on the Pulp server:

RequestException: DELETE request
on /pulp/api/v2/users/fjorg1/ failed with 500 - 2 items returned, instead of 1

I have a monolithic installation with the following packages installed:

python-pulp-repoauth-2.18.0-2.el7.noarch
python-pulp-rpm-common-2.18.0-1.el7.noarch
pulp-rpm-plugins-2.18.0-1.el7.noarch
pulp-puppet-tools-2.18.0-1.el7.noarch
pulp-ostree-admin-extensions-1.3.1-1.el7.noarch
python-pulp-deb-common-1.8.0-1.el7.noarch
pulp-docker-plugins-3.2.2-1.el7.noarch
pulp-rpm-admin-extensions-2.18.0-1.el7.noarch
python-pulp-common-2.18.0-2.el7.noarch
python-pulp-oid_validation-2.18.0-2.el7.noarch
python-pulp-python-common-2.0.3-1.el7.noarch
pulp-selinux-2.18.0-2.el7.noarch
pulp-server-2.18.0-2.el7.noarch
pulp-python-plugins-2.0.3-1.el7.noarch
pulp-puppet-admin-extensions-2.18.0-1.el7.noarch
pulp-python-admin-extensions-2.0.3-1.el7.noarch
python-pulp-puppet-common-2.18.0-1.el7.noarch
python-pulp-docker-common-3.2.2-1.el7.noarch
libsolv-0.6.34-2.pulp.el7.x86_64
pulp-deb-plugins-1.8.0-1.el7.noarch
python-pulp-client-lib-2.18.0-2.el7.noarch
pulp-deb-admin-extensions-1.8.0-1.el7.noarch
python-pulp-ostree-common-1.3.1-1.el7.noarch
python2-solv-0.6.34-2.pulp.el7.x86_64
pulp-ostree-plugins-1.3.1-1.el7.noarch
pulp-admin-client-2.18.0-2.el7.noarch
pulp-puppet-plugins-2.18.0-1.el7.noarch
python-pulp-bindings-2.18.0-2.el7.noarch
pulp-docker-admin-extensions-3.2.2-1.el7.noarch

Please, can you help to sort this small issue, which is very important for me because it blocks the user to use the pulp-admin. The user can't login.

Associated revisions

History

#1 Updated by daviddavis 9 months ago

Thanks for the bug report. Do you have steps on how to produce this error? I tried to create duplicate users but wasn't able to:

$ pulp-admin auth user create --login admin --password tester                                                                                                                     
A resource with the ID "admin" already exists.

(pulp) [vagrant@pulp2 testrepo]$ pulp-admin -vvvv auth user create --login admin --password tester
2019-02-15 15:49:53,109 - DEBUG - sending POST request to /pulp/api/v2/users/
2019-02-15 15:49:53,243 - INFO - POST request to /pulp/api/v2/users/ with parameters {"login": "admin", "password": "tester", "name": "admin"}
2019-02-15 15:49:53,243 - INFO - Response status : 409 

2019-02-15 15:49:53,244 - INFO - Response body :
 {
  "exception": null, 
  "traceback": null, 
  "_href": "/pulp/api/v2/users/", 
  "resource_id": "admin", 
  "error_message": "Duplicate resource: admin", 
  "http_request_method": "POST", 
  "http_status": 409, 
  "error": {
    "code": "PLP0018", 
    "data": {
      "resource_id": "admin" 
    }, 
    "description": "Duplicate resource: admin", 
    "sub_errors": []
  }
}

2019-02-15 15:49:53,244 - ERROR - Exception occurred:
        href:      /pulp/api/v2/users/
        method:    POST
        status:    409
        error:     Duplicate resource: admin
        traceback: None
        data:      {u'resource_id': u'admin', u'error': {u'code': u'PLP0018', u'data': {u'resource_id': u'admin'}, u'description': u'Duplicate resource: admin', u'sub_errors': []}}

A resource with the ID "admin" already exists.

#2 Updated by daviddavis 9 months ago

Also, are you using katello or just straight pulp?

#3 Updated by flamarion 9 months ago

I will update this shortly, I'm on PTO and without access to the environment now.
Some preliminary information:

I'm using Pulp, straight Pulp.

Both users have been added via command pulp-admin, the only difference was the --name parameter.

The first one I've performed the command standalone, to test, the second one was part of a batch where the --login and --name was the same value.

#4 Updated by ipanova@redhat.com 9 months ago

$ pulp-admin auth user create --login ina --name ina
Warning: path should have mode 0700 because it may contain sensitive information: /home/ipanova/.pulp/

Enter password for user [ina] : 
Re-enter password for user [ina]: 

Password cannot be empty

Enter password for user [ina] : 
Re-enter password for user [ina]: 
Passwords do not match

Enter password for user [ina] : 
Re-enter password for user [ina]: 
User [ina] successfully created

[ipanova@ina pulp_rpm]$ pulp-admin auth user create --login ina --name lala
Warning: path should have mode 0700 because it may contain sensitive information: /home/ipanova/.pulp/

Enter password for user [ina] : 
Re-enter password for user [ina]: 
User [ina] successfully created

> use pulp_database
switched to db pulp_database
> db.users.find({'login':'ina'})
{ "_id" : ObjectId("5c7014b845ef4860c90098d3"), "login" : "ina", "name" : "lala", "password" : "3sDJdy2Nl9E=,zq95pmfDLDprsLnhpPvRetbRvKc407SiYtj98baRlDY=", "roles" : [ ], "_ns" : "users" }
{ "_id" : ObjectId("5c7014ac45ef4860ca413414"), "login" : "ina", "name" : "ina", "password" : "DQgL9rCTLxQ=,DYFZltiC79LfORURspfA4cwK8xQB0MXLfl5n2BTvCe8=", "roles" : [ ], "_ns" : "users" }
> 

[ipanova@ina pulp_rpm]$ pulp-admin auth user delete --login ina
Warning: path should have mode 0700 because it may contain sensitive information: /home/ipanova/.pulp/

An internal error occurred on the Pulp server:

RequestException: DELETE request
on /pulp/api/v2/users/ina/ failed with 500 - 2 items returned, instead of 1

#5 Updated by ttereshc 9 months ago

  • Subject changed from Not possible delete duplicate login to pulp-admin allows to create a duplicate login if name is different
  • Description updated (diff)
  • Triaged changed from No to Yes

#6 Updated by ttereshc 9 months ago

  • Subject changed from pulp-admin allows to create a duplicate login if name is different to It's possible to create a duplicate login if name is different

#8 Updated by ttereshc 9 months ago

  • Status changed from NEW to POST
  • Sprint set to Sprint 49

#9 Updated by ttereshc 9 months ago

@flamarion,
The PR in the comment above fixes indexes in the DB, so you can remove a duplicate user manually (see below) and then apply the patch to create a new index.

To remove a duplicated user:
1. Go to the machine where MongoDB is running (or see options for mongo client to connect to a remote host)
2. Find all the duplicated users for your login

$ mongo --eval 'db.users.find({login: "your_login_of_interest"})' pulp_database

3. Remove a user with a specific name
$ mongo --eval 'db.users.remove({login: "your_login_of_interest", name: "name_of_user_to_remove"})' pulp_database

4. On the machine where Pulp is installed and running apply a patch from the PR from the comment above, stop pulp services and run sudo -u apache pulp-manage-db.
If there are no duplicates left, this command will run successfully and the new index will be created.

Alternatively, if you don't want to apply patches, you can create the index manually. On the machine with MongoDB run

$ mongo --eval 'db.users.createIndex({login: 1}, {unique: true, background: false})' pulp_database

#10 Updated by ipanova@redhat.com 9 months ago

  • Assignee set to ttereshc

#11 Updated by flamarion 9 months ago

@ttereshc

First of all, thank you.

I've applied the index manually and I did manage to remove the duplicated user as well.

mongo --eval 'db.users.find({login: "fjorg1"})' pulp_database
MongoDB shell version v4.0.5
connecting to: mongodb://127.0.0.1:27017/pulp_database?gssapiServiceName=mongodb
Implicit session: session { "id" : UUID("83aa4e1f-5d19-411f-a845-aa3f327c684d") }
MongoDB server version: 4.0.5
{ "_id" : ObjectId("5c655d678204e1263792fa0d"), "login" : "fjorg1", "name" : "fjorg1", "password" : "BiRAu2DtSYc=,XSDRI7AN0WUi45RPCcXXiWvSmPpv8IBFuOMTcU/h8SU=", "roles" : [ "super-users" ], "_ns" : "users" }
{ "_id" : ObjectId("5c655af78204e12638d9854b"), "login" : "fjorg1", "name" : "Flamarion Jorge", "password" : "YSwVIg7qJu0=,1GCrJOo3NBOQu37rNfw4uvWYYUdI4p7KGsL3kSjg3Jw=", "roles" : [ "super-users" ], "_ns" : "users" }

mongo --eval 'db.users.remove({login: "fjorg1", name: "fjorg1"})' pulp_database
MongoDB shell version v4.0.5
connecting to: mongodb://127.0.0.1:27017/pulp_database?gssapiServiceName=mongodb
Implicit session: session { "id" : UUID("71219f1d-3886-48d3-9672-14d597748210") }
MongoDB server version: 4.0.5
WriteResult({ "nRemoved" : 1 })

mongo --eval 'db.users.createIndex({login: 1}, {unique: true, background: false})' pulp_database
MongoDB shell version v4.0.5
connecting to: mongodb://127.0.0.1:27017/pulp_database?gssapiServiceName=mongodb
Implicit session: session { "id" : UUID("ea9583d4-c1d6-49a9-a462-c9f96486e75b") }
MongoDB server version: 4.0.5
{
    "createdCollectionAutomatically" : false,
    "numIndexesBefore" : 3,
    "numIndexesAfter" : 4,
    "ok" : 1
}

mongo --eval 'db.users.find({login: "fjorg1"})' pulp_database
MongoDB shell version v4.0.5
connecting to: mongodb://127.0.0.1:27017/pulp_database?gssapiServiceName=mongodb
Implicit session: session { "id" : UUID("856d5cb3-cd9a-494f-8e84-7f51c9f60527") }
MongoDB server version: 4.0.5
{ "_id" : ObjectId("5c655af78204e12638d9854b"), "login" : "fjorg1", "name" : "Flamarion Jorge", "password" : "YSwVIg7qJu0=,1GCrJOo3NBOQu37rNfw4uvWYYUdI4p7KGsL3kSjg3Jw=", "roles" : [ "super-users" ], "_ns" : "users" }

#12 Updated by ttereshc 9 months ago

  • Status changed from POST to MODIFIED

#13 Updated by ttereshc 8 months ago

  • Platform Release set to 2.19.0

#14 Updated by ttereshc 8 months ago

  • Sprint/Milestone changed from 2.18.0 to 2.19.0

#15 Updated by ttereshc 8 months ago

  • Status changed from MODIFIED to ON_QA

#16 Updated by ttereshc 8 months ago

  • Status changed from ON_QA to CLOSED - CURRENTRELEASE

#17 Updated by bmbouter 7 months ago

  • Tags Pulp 2 added

Please register to edit this issue

Also available in: Atom PDF