Bug 848663

Summary: Dose not strictly check the 'nolinks ' input parameter to suppress link in REST apis
Product: OKD Reporter: Wei Sun <wsun>
Component: MasterAssignee: Ravi Sankar <rpenta>
Status: CLOSED CURRENTRELEASE QA Contact: libra bugs <libra-bugs>
Severity: low Docs Contact:
Priority: medium    
Version: 2.xCC: rpenta, xtian
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: devenv_2051 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-09-17 21:29:00 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Wei Sun 2012-08-16 07:19:43 UTC 
Description of problem:
if the nolinks parameter is true or 1,it don't show links,and if nolinks parameter is false or 0,it show links.
But if the nolinks parameter is other value ,eg:nolinks=haha,it also can show links,and don't return any error messages.

Version-Release number of selected component (if applicable):
devenv_1997

How reproducible:
always

Steps to Reproduce:
1.curl -k -X GET -H "Accept: application/xml" --user wsun:red  https://ec2-184-72-152-88.compute-1.amazonaws.com/broker/rest/api?nolinks=haha
2.
3.
  
Actual results:
[openshift@localhost ~]$ curl -k -X GET -H "Accept: application/xml" --user wsun:red  https://ec2-184-72-152-88.compute-1.amazonaws.com/broker/rest/api?nolinks=haha
<?xml version="1.0" encoding="UTF-8"?>
<response>
  <supported-api-versions>
    <supported-api-version>1.0</supported-api-version>
    <supported-api-version>1.1</supported-api-version>
  </supported-api-versions>
  <type>links</type>
  <status>ok</status>
  <messages/>
  <version>1.1</version>
  <data>
    <link>
      <optional-params/>
      <href>https://ec2-184-72-152-88.compute-1.amazonaws.com/broker/rest/domains</href>
      <method>GET</method>
      <required-params/>
      <rel>List domains</rel>
    </link>
    <link>
      <optional-params/>
      <href>https://ec2-184-72-152-88.compute-1.amazonaws.com/broker/rest/api</href>
      <method>GET</method>
      <required-params/>
      <rel>API entry point</rel>
    </link>
    <link>
      <optional-params/>
      <href>https://ec2-184-72-152-88.compute-1.amazonaws.com/broker/rest/cartridges</href>
      <method>GET</method>
      <required-params/>
      <rel>List cartridges</rel>
    </link>
    <link>
      <optional-params/>
      <href>https://ec2-184-72-152-88.compute-1.amazonaws.com/broker/rest/application_templates</href>
      <method>GET</method>
      <required-params/>
      <rel>List application templates</rel>
    </link>
    <link>
      <optional-params/>
      <href>https://ec2-184-72-152-88.compute-1.amazonaws.com/broker/rest/estimates</href>
      <method>GET</method>
      <required-params/>
      <rel>List available estimates</rel>
    </link>
    <link>
      <optional-params/>
      <href>https://ec2-184-72-152-88.compute-1.amazonaws.com/broker/rest/user</href>
      <method>GET</method>
      <required-params/>
      <rel>Get user information</rel>
    </link>
    <link>
      <optional-params/>
      <href>https://ec2-184-72-152-88.compute-1.amazonaws.com/broker/rest/domains</href>
      <method>POST</method>
      <required-params>
        <param>
          <description>Name of the domain</description>
          <type>string</type>
          <name>id</name>
          <valid-options/>
          <invalid-options>
            <invalid-option>amentra</invalid-option>
            <invalid-option>aop</invalid-option>
            <invalid-option>apiviz</invalid-option>
            <invalid-option>arquillian</invalid-option>
            <invalid-option>blacktie</invalid-option>
            <invalid-option>boxgrinder</invalid-option>
            <invalid-option>byteman</invalid-option>
            <invalid-option>cirras</invalid-option>
            <invalid-option>cloud</invalid-option>
            <invalid-option>cloudforms</invalid-option>
            <invalid-option>cygwin</invalid-option>
            <invalid-option>davcache</invalid-option>
            <invalid-option>dogtag</invalid-option>
            <invalid-option>drools</invalid-option>
            <invalid-option>drools</invalid-option>
            <invalid-option>ejb3</invalid-option>
            <invalid-option>errai</invalid-option>
            <invalid-option>esb</invalid-option>
            <invalid-option>fedora</invalid-option>
            <invalid-option>freeipa</invalid-option>
            <invalid-option>gatein</invalid-option>
            <invalid-option>gfs</invalid-option>
            <invalid-option>gravel</invalid-option>
            <invalid-option>guvnor</invalid-option>
            <invalid-option>hibernate</invalid-option>
            <invalid-option>hornetq</invalid-option>
            <invalid-option>iiop</invalid-option>
            <invalid-option>infinispan</invalid-option>
            <invalid-option>ironjacamar</invalid-option>
            <invalid-option>javassist</invalid-option>
            <invalid-option>jbcaa</invalid-option>
            <invalid-option>jbcd</invalid-option>
            <invalid-option>jboss</invalid-option>
            <invalid-option>jbpm</invalid-option>
            <invalid-option>jdcom</invalid-option>
            <invalid-option>jgroups</invalid-option>
            <invalid-option>jmx</invalid-option>
            <invalid-option>jopr</invalid-option>
            <invalid-option>jrunit</invalid-option>
            <invalid-option>jsfunit</invalid-option>
            <invalid-option>kosmos</invalid-option>
            <invalid-option>liberation</invalid-option>
            <invalid-option>makara</invalid-option>
            <invalid-option>mass</invalid-option>
            <invalid-option>maven</invalid-option>
            <invalid-option>metajizer</invalid-option>
            <invalid-option>metamatrix</invalid-option>
            <invalid-option>mobicents</invalid-option>
            <invalid-option>mod_cluster</invalid-option>
            <invalid-option>modeshape</invalid-option>
            <invalid-option>mugshot</invalid-option>
            <invalid-option>mysql</invalid-option>
            <invalid-option>netty</invalid-option>
            <invalid-option>openshift</invalid-option>
            <invalid-option>osgi</invalid-option>
            <invalid-option>overlord</invalid-option>
            <invalid-option>ovirt</invalid-option>
            <invalid-option>penrose</invalid-option>
            <invalid-option>picketbox</invalid-option>
            <invalid-option>picketlink</invalid-option>
            <invalid-option>portletbridge</invalid-option>
            <invalid-option>portletswap</invalid-option>
            <invalid-option>posse</invalid-option>
            <invalid-option>pressgang</invalid-option>
            <invalid-option>qumranet</invalid-option>
            <invalid-option>railo</invalid-option>
            <invalid-option>redhat</invalid-option>
            <invalid-option>resteasy</invalid-option>
            <invalid-option>rhca</invalid-option>
            <invalid-option>rhcds</invalid-option>
            <invalid-option>rhce</invalid-option>
            <invalid-option>rhcsa</invalid-option>
            <invalid-option>rhcss</invalid-option>
            <invalid-option>rhct</invalid-option>
            <invalid-option>rhcva</invalid-option>
            <invalid-option>rhel</invalid-option>
            <invalid-option>rhev</invalid-option>
            <invalid-option>rhq</invalid-option>
            <invalid-option>rhx</invalid-option>
            <invalid-option>richfaces</invalid-option>
            <invalid-option>riftsaw</invalid-option>
            <invalid-option>savara</invalid-option>
            <invalid-option>scribble</invalid-option>
            <invalid-option>seam</invalid-option>
            <invalid-option>shadowman</invalid-option>
            <invalid-option>shotoku</invalid-option>
            <invalid-option>shrinkwrap</invalid-option>
            <invalid-option>snowdrop</invalid-option>
            <invalid-option>solidice</invalid-option>
            <invalid-option>spacewalk</invalid-option>
            <invalid-option>spice</invalid-option>
            <invalid-option>steamcannon</invalid-option>
            <invalid-option>stormgrind</invalid-option>
            <invalid-option>switchyard</invalid-option>
            <invalid-option>tattletale</invalid-option>
            <invalid-option>teiid</invalid-option>
            <invalid-option>tohu</invalid-option>
            <invalid-option>torquebox</invalid-option>
            <invalid-option>weld</invalid-option>
            <invalid-option>wise</invalid-option>
            <invalid-option>xnio</invalid-option>
          </invalid-options>
        </param>
      </required-params>
      <rel>Create new domain</rel>
    </link>
  </data>
</response>


Expected results:
nolinks only can have values "true|false|0|1"

Additional info:
Comment 1 Ravi Sankar 2012-08-17 17:29:57 UTC 
This will be fixed later today.
Comment 2 Ravi Sankar 2012-08-22 08:49:33 UTC 
Fixed in git revision bb8b12198.
Comment 3 Wei Sun 2012-08-23 02:24:55 UTC 
verified on devenv-stage_233

[sunwei@dhcp-8-229 dev]$ curl -k -X GET -H "Accept: application/xml" --user wsun:red  https://ec2-23-22-239-11.compute-1.amazonaws.com/broker/rest/api?nolinks=haha
<?xml version="1.0" encoding="UTF-8"?>
<response>
  <type nil="true"></type>
  <version>1.1</version>
  <supported-api-versions>
    <supported-api-version>1.0</supported-api-version>
    <supported-api-version>1.1</supported-api-version>
  </supported-api-versions>
  <data>
    <datum nil="true"></datum>
  </data>
  <status>unprocessable_entity</status>
  <messages>
    <message>
      <field nil="true"></field>
      <exit-code>167</exit-code>
      <text>Invalid value for 'nolinks'. Valid options: [true, false, 1, 0]</text>
      <severity>error</severity>
    </message>
  </messages>
</response>