Bug 1493788
Summary: | it's possible to add multiple shopping carts for the authenticated user | ||
---|---|---|---|
Product: | Red Hat CloudForms Management Engine | Reporter: | Martin Kourim <mkourim> |
Component: | API | Assignee: | Gregg Tanzillo <gtanzill> |
Status: | CLOSED ERRATA | QA Contact: | Parthvi Vala <pvala> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 5.8.0 | CC: | dajohnso, jhardy, nansari, obarenbo, simaishi |
Target Milestone: | GA | Keywords: | PrioBumpQA |
Target Release: | 5.10.0 | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | api:rest:services | ||
Fixed In Version: | 5.10.0.0 | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2019-02-07 23:02:46 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Martin Kourim
2017-09-20 23:57:40 UTC
On 5.9.0.10 it's still possible to create multiple carts: POST /api/service_orders { "name": "cart1"} Response: { "results": [ { ... "name": "cart1", "tenant_id": "2", "user_id": "1", "user_name": "Administrator", "state": "cart", ... } ] } POST /api/service_orders { "name": "cart2"} Response: { "results": [ { ... "name": "cart2", "tenant_id": "2", "user_id": "1", "user_name": "Administrator", "state": "cart", ... } ] } New commit detected on ManageIQ/manageiq-api/master: https://github.com/ManageIQ/manageiq-api/commit/fa36a7f18a4fa838b2dc64b2a9fa4297337a3c78 commit fa36a7f18a4fa838b2dc64b2a9fa4297337a3c78 Author: Jillian Tullo <jtullo> AuthorDate: Fri Feb 16 15:12:35 2018 -0500 Commit: Jillian Tullo <jtullo> CommitDate: Fri Feb 16 15:36:42 2018 -0500 Only allow one cart to be created at a time This ensures that the user is assigned before saving, to ensure that only one cart is created at a time Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1493788 app/controllers/api/service_orders_controller.rb | 13 +++++++++++-- spec/requests/service_orders_spec.rb | 16 ++++++++++++++++ 2 files changed, 27 insertions(+), 2 deletions(-) FIXED. Verified on 5.10.0.30.20181218191323_900a416. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2019:0212 |