1101147 – [AAA] Missing 'name' field for admin user in /ovirt-engine/api/users object

Bug 1101147 - [AAA] Missing 'name' field for admin user in /ovirt-engine/api/users object

Summary: [AAA] Missing 'name' field for admin user in /ovirt-engine/api/users object

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Red Hat Enterprise Virtualization Manager
Classification:	Red Hat
Component:	ovirt-engine
Sub Component:
Version:	3.5.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	medium
Target Milestone:	---
Target Release:	3.5.0
Assignee:	Yair Zaslavsky
QA Contact:	Ilanit Stein
Docs Contact:
URL:
Whiteboard:	infra
Depends On:
Blocks:	oVirt-AAA-rewrite rhev3.5beta 1156165
TreeView+	depends on / blocked

Reported:	2014-05-26 09:26 UTC by Ilanit Stein
Modified:	2016-02-10 19:10 UTC (History)
CC List:	11 users (show)
Fixed In Version:	ovirt-3.5.0-beta2
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2015-02-11 20:53:08 UTC
oVirt Team:	Infra
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
oVirt gerrit	30488	0	None	None	None	Never
oVirt gerrit	30504	0	ovirt-engine-3.5	MERGED	aaa: Fixing missing name field for admin user	Never

Description Ilanit Stein 2014-05-26 09:26:52 UTC

Description of problem:

There is a regression in rhevm 3.5, compared to rhevm 3.4,
that the 'name' field no longer exist, in users object, for admin user.

In the bellow users object for a 3.5 setup example,
user vdcadmin had name field.
user admin do not have name field

<users>
    <user href="/ovirt-engine/api/users/00000010-0010-0010-0010-00000000022e" id="00000010-0010-0010-0010-00000000022e">
        <name>vdcadmin</name>
        <link href="/ovirt-engine/api/users/00000010-0010-0010-0010-00000000022e/permissions" rel="permissions"/>
        <link href="/ovirt-engine/api/users/00000010-0010-0010-0010-00000000022e/roles" rel="roles"/>
        <link href="/ovirt-engine/api/users/00000010-0010-0010-0010-00000000022e/tags" rel="tags"/>
        <domain href="/ovirt-engine/api/domains/71612e6c-6162-2e74-6c76-2e7265646861" id="71612e6c-6162-2e74-6c76-2e7265646861"/>
        <domain_entry_id>39623930303264312D656333332D343038332D386137622D333166366238393331363438</domain_entry_id>
        <user_name>vdcadmin.tlv.redhat.com.tlv.redhat.com</user_name>
        <groups>
            <group>
                <name>qa.lab.tlv.redhat.com/QA-All-Users/testGroup</name>
            </group>
            <group>
                <name>qa.lab.tlv.redhat.com/frodo1-id-21324444</name>
            </group>
            <group>
                <name>qa.lab.tlv.redhat.com/Builtin/Administrators</name>
            </group>
        </groups>
    </user>
    <user href="/ovirt-engine/api/users/fdfc627c-d875-11e0-90f0-83df133b58cc" id="fdfc627c-d875-11e0-90f0-83df133b58cc">
        <link href="/ovirt-engine/api/users/fdfc627c-d875-11e0-90f0-83df133b58cc/permissions" rel="permissions"/>
        <link href="/ovirt-engine/api/users/fdfc627c-d875-11e0-90f0-83df133b58cc/roles" rel="roles"/>
        <link href="/ovirt-engine/api/users/fdfc627c-d875-11e0-90f0-83df133b58cc/tags" rel="tags"/>
        <domain href="/ovirt-engine/api/domains/696e7465-726e-616c-696e-7465726e616c" id="696e7465-726e-616c-696e-7465726e616c"/>
        <domain_entry_id>66646663363237632D643837352D313165302D393066302D383364663133336235386363</domain_entry_id>
        <user_name>admin@internal</user_name>
    </user>
</users>


Version-Release number of selected component (if applicable):
It was seen starting automatic test run on 3.5.0-0.1000.980.d8d0b42.master.el6ev :
http://jenkins-ci.eng.lab.tlv.redhat.com/view/0%20Unstable%203.5/job/rhevm_3.5_automation_coretools_two_hosts_restapi_vms_nfs_rest_factory/7/

Comment 1 Oved Ourfali 2014-05-26 11:21:02 UTC

Yair - can you have a look?

Comment 2 Yair Zaslavsky 2014-05-26 11:33:06 UTC

InternalAuthz does not set a "first name" on the ExtMap 

        adminUser = new ExtMap().mput(
                Authz.PrincipalRecord.NAME,
                configuration.getProperty("config.authz.user.name")
                ).mput(
                        Authz.PrincipalRecord.ID,
                        configuration.getProperty("config.authz.user.id")
                );

should probably have another .mput call that sets
Authz.PrincipalRecord.FIRST_NAME with "admin" (read from configuration of course).

Comment 4 Ilanit Stein 2014-08-06 14:09:24 UTC

Run same test as in description, with version
4177d523c82b9bf2759b2cbc2c3677f49be956ca (origin/master):

http://jenkins-ci.eng.lab.tlv.redhat.com/view/0%20Unstable%203.5/job/rhevm_3.5_automation_coretools_two_hosts_restapi_vms_nfs_rest_factory/379

Now both users (admin, vdcadmin) have name field, but it is empty,
is it OK?

<users>
    <user href="/ovirt-engine/api/users/fdfc627c-d875-11e0-90f0-83df133b58cc" id="fdfc627c-d875-11e0-90f0-83df133b58cc">
        <name>admin</name>
        <link href="/ovirt-engine/api/users/fdfc627c-d875-11e0-90f0-83df133b58cc/permissions" rel="permissions"/>
        <link href="/ovirt-engine/api/users/fdfc627c-d875-11e0-90f0-83df133b58cc/roles" rel="roles"/>
        <link href="/ovirt-engine/api/users/fdfc627c-d875-11e0-90f0-83df133b58cc/tags" rel="tags"/>
        <domain href="/ovirt-engine/api/domains/696e7465-726e-616c-696e-7465726e616c" id="696e7465-726e-616c-696e-7465726e616c"/>
        <domain_entry_id>66646663363237632D643837352D313165302D393066302D383364663133336235386363</domain_entry_id>
        <namespace>*</namespace>
        <user_name>admin@internal</user_name>
        <groups>
            <group>
                <name></name>
            </group>
        </groups>
    </user>
    <user href="/ovirt-engine/api/users/0000001a-001a-001a-001a-000000000326" id="0000001a-001a-001a-001a-000000000326">
        <name>vdcadmin</name>
        <link href="/ovirt-engine/api/users/0000001a-001a-001a-001a-000000000326/permissions" rel="permissions"/>
        <link href="/ovirt-engine/api/users/0000001a-001a-001a-001a-000000000326/roles" rel="roles"/>
        <link href="/ovirt-engine/api/users/0000001a-001a-001a-001a-000000000326/tags" rel="tags"/>
        <domain href="/ovirt-engine/api/domains/71612e6c-6162-2e74-6c76-2e7265646861" id="71612e6c-6162-2e74-6c76-2e7265646861"/>
        <domain_entry_id>39623930303264312D656333332D343038332D386137622D333166366238393331363438</domain_entry_id>
        <namespace>*</namespace>
        <user_name>vdcadmin.tlv.redhat.com</user_name>
        <groups>
            <group>
                <name></name>
            </group>
        </groups>
    </user>
</users>

Comment 5 Alon Bar-Lev 2014-08-06 14:11:20 UTC

Why empty?

<name>admin</name>
<name>vdcadmin</name>

Comment 6 Ilanit Stein 2014-08-07 07:25:38 UTC

my mistake, I looked on the wrong name field. Moving to verified

Note You need to log in before you can comment on or make changes to this bug.