Bug 1595158

Summary: API with an invalid zone name kill the appliance
Product: Red Hat CloudForms Management Engine Reporter: Gellert Kis <gekis>
Component: APIAssignee: Julian Cheal <jcheal>
Status: CLOSED CURRENTRELEASE QA Contact: Jaroslav Henner <jhenner>
Severity: medium Docs Contact:
Priority: high    
Version: 5.9.0CC: bsorota, cpelland, dmetzger, fdewaley, greartes, gtanzill, jcheal, jprause, obarenbo, simaishi, smallamp
Target Milestone: GAKeywords: TestOnly, ZStream
Target Release: 5.10.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: 5.10.0.12 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
: 1599349 (view as bug list) Environment:
5.9
Last Closed: 2019-02-11 14:00:34 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: CFME Core Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1578510, 1599349, 1648808    

Comment 10 Satoe Imaishi 2018-08-23 12:06:12 UTC 
https://github.com/ManageIQ/manageiq/pull/17892
Comment 11 Jaroslav Henner 2018-10-18 12:19:38 UTC 
$ cat /tmp/data
{ "server": { "name": "Test Name", "zone": "de fault"}}

$ curl -k https://10.8.197.222/api/servers/1/settings -u admin:smartvm --data @/tmp/data -XPATCH
{"error":{"kind":"bad_request","message":"Settings validation failed - server-zone: zone, \"de fault\", invalid. Should be a valid Zone","klass":"Api::BadRequestError"}}%

It seems like this has been fixed, but I would first like to reproduce this problem.
Comment 12 Jaroslav Henner 2018-10-22 11:48:41 UTC 
(In reply to Jaroslav Henner from comment #11)
> $ cat /tmp/data
> { "server": { "name": "Test Name", "zone": "de fault"}}
> 
> $ curl -k https://10.8.197.222/api/servers/1/settings -u admin:smartvm
> --data @/tmp/data -XPATCH
> {"error":{"kind":"bad_request","message":"Settings validation failed -
> server-zone: zone, \"de fault\", invalid. Should be a valid
> Zone","klass":"Api::BadRequestError"}}%
> 
> It seems like this has been fixed, but I would first like to reproduce this
> problem.

In 5.10.0.8 I am allowed to change the zone to something invalid. But it doesn't seem to cause a change in the Web-UI ( I can still see Zone: default there) nor it does seem to cause any problems with CFME connectivity. So I couldn't fully reproduce, but new behaviour (forbiding setting to invalid zone) should prevent the problems, so VERIFIED.