Bug 773139

Summary: user's domain can be destroyed with any domain name
Product: OKD Reporter: Meng Bo <bmeng>
Component: ContainersAssignee: Rajat Chopra <rchopra>
Status: CLOSED CURRENTRELEASE QA Contact: libra bugs <libra-bugs>
Severity: high Docs Contact:
Priority: high    
Version: 1.xCC: dmcphers
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-01-30 04:58:36 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Meng Bo 2012-01-11 03:37:12 UTC 
Description of problem:
rhc-ctl-domain command can create user domain even use the wrong domain name

Version-Release number of selected component (if applicable):
rhc-broker-0.84.37-1.el6_2.noarch 
rhc-node-0.84.21-1.el6_2.noarch 

How reproducible:
always

Steps to Reproduce:
1.create domain with user
# rhc-create-domain -n bmengtestdomain1 -l bmeng+1 
2.try to destroy the domain using wrong name
# rhc-ctl-domain --destroy -n abcd -l bmeng+1 -d
3.
  
Actual results:
user domain had been destroyed successfully.

Expected results:
there should be some error appears since the domain name is wrong

Additional info:

[root@localhost ~]# rhc-ctl-domain --destroy -n aaa -l bmeng+1 -d
Password: 
Submitting form:
delete: true
namespace: aaa
rhlogin: bmeng+1
Contacting https://ec2-107-21-79-175.compute-1.amazonaws.com
Response from server:
DEBUG:


Exit Code: 0
broker_c: namespacerhloginsshapp_uuiddebugaltercartridgecart_typeactionapp_nameapi
api_c: placeholder
API version:    1.1.1
Broker version: 1.1.1
Success
Comment 1 Abhishek Gupta 2012-01-11 19:33:41 UTC 
This needs to be a backend validation. On the other hand, if the namespace is not required to be specified (if the login/password is enough), then we can remove the namespace from being a required field for the rhc-ctl-domain --destroy command.
Comment 2 Rajat Chopra 2012-01-11 23:24:59 UTC 
Fixed with checkin# 3fd8270..ab9c85d
If the rhlogin does not match with the namespace provided, then an error is printed saying so.
Comment 3 Meng Bo 2012-01-12 04:56:31 UTC 
verified with rhc-0.84.11-1.el6_2.noarch and rubygem-cloud-sdk-controller-0.2.30-1.el6_2.noarch ,on devenv-stage_112
bug fixed.