Project

Profile

Help

Issue #567

closed

Pulp raises an authentication exception when a user is not authorized

Added by rbarlow over 7 years ago. Updated over 2 years ago.

Status:
CLOSED - CURRENTRELEASE
Priority:
Normal
Category:
-
Sprint/Milestone:
-
Start date:
Due date:
Estimated time:
Severity:
2. Medium
Version:
2.4.0
Platform Release:
2.6.0
OS:
Triaged:
Yes
Groomed:
No
Sprint Candidate:
No
Tags:
Pulp 2
Sprint:
Quarter:

Description

Description of problem:
Pulp confuses the words authentication and authorization[0]. This leads to confusion with our users[1].

Version-Release number of selected component (if applicable):
2.4.0-1

How reproducible:
Every time.

Steps to Reproduce:
1. Attempt to perform an action that your user is not authorized to perform.

Actual results:
Observe that the raised error is about authentication.

Expected results:
The raised error should be about authorization.

Additional info:
[0] https://github.com/pulp/pulp/blob/master/server/pulp/server/webservices/controllers/decorators.py#L194
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1081534

+ This bug was cloned from Bugzilla Bug #1150128 +

Actions #2

Updated by cduryee over 7 years ago

fixed in pulp 2.6.0-0.2.beta

+ This comment was cloned from Bugzilla #1150128 comment 2 +

Actions #3

Updated by igulina@redhat.com over 7 years ago

observed that in pulp 2.4.4 it is about authentication like in https://bugzilla.redhat.com/show_bug.cgi?id=1081534#c11

rpm -qa pulp-server

pulp-server-2.6.0-0.2.beta.el6.noarch

pulp-consumer -u consumer-admin register --consumer-id test04

Enter password:
Permission denied: user consumer-admin cannot perform CREATE.

+ This comment was cloned from Bugzilla #1150128 comment 3 +

Actions #4

Updated by bmbouter over 7 years ago

  • Severity changed from Medium to 2. Medium
Actions #5

Updated by rbarlow over 7 years ago

  • Status changed from 6 to CLOSED - CURRENTRELEASE
Actions #7

Updated by bmbouter over 3 years ago

  • Tags Pulp 2 added
Actions #8

Updated by bmbouter over 2 years ago

  • Category deleted (14)

We are removing the 'API' category per open floor discussion June 16, 2020.

Also available in: Atom PDF