Bug 996937

Summary: [origin_ui_73]Any of application scopes even can not do any allowed options
Product: OpenShift Online Reporter: Wei Sun <wsun>
Component: MasterAssignee: Clayton Coleman <ccoleman>
Status: CLOSED CURRENTRELEASE QA Contact: libra bugs <libra-bugs>
Severity: medium Docs Contact:
Priority: medium    
Version: 2.xCC: ccoleman, xtian
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-09-19 16:47:17 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Wei Sun 2013-08-14 10:19:58 UTC 
Description of problem:
Create  any scope (admin, edit or view) for application in wsunmem3fork3 via RESTAPI,then try to show application info with this token,but it failed.It always shows "The requested application was not found".

Version-Release number of selected component (if applicable):
fork_ami_membership_origin_ui_73_765

How reproducible:
Always

Steps to Reproduce:
1.Create an application in wsunmem3fork3
2.Show the app info via CLI
3.Create scope for above application in wsunmem3fork3 via RESTAPI
4.Show the authorization 
5.Show the app info with token via RESTAPI

Actual results:
2.[wsun@dhcp-8-229 zdm]$ rhc app-show phpt -l wsun+mem3 -p changme
phpt @ http://phpt-wsunmem3fork3.dev.rhcloud.com/ (uuid: 774685425587573875539968)
----------------------------------------------------------------------------------
  Domain:  wsunmem3fork3
  Created: 4:54 PM
  Gears:   1 (defaults to small)
  Git URL: ssh://774685425587573875539968.rhcloud.com/~/git/phpt.git/
  SSH:     774685425587573875539968.rhcloud.com

  php-5.3 (PHP 5.3)
  -----------------
    Gears: 1 small

3.[wsun@dhcp-8-229 ~]$ curl -k -s -H "Accept: application/xml"  --user wsun+mem3:changeme  https://ec2-54-234-52-228.compute-1.amazonaws.com/broker/rest/user/authorizations -d scope=application/774685425587573875539968/admin  -d note=appadmin -X POST
<?xml version="1.0" encoding="UTF-8"?>
<response>
  <status>created</status>
  <type>authorization</type>
  <data>
    <authorization>
      <token>1829536fd86570cdef74f682eb3ccb0b9ec9c6436637bbf047e971c0dc6768a7</token>
      <created-at>2013-08-14T09:43:50Z</created-at>
      <expires-in>2592000</expires-in>
      <expires-in-seconds>2592000</expires-in-seconds>
      <note>appadmin</note>
      <id>520b5156a64e5d8fb200006b</id>
      <scopes>application/774685425587573875539968/admin</scopes>
      <identity>wsun+mem3</identity>
      
  <messages>
    <message>
      <severity>info</severity>
      <text>Create authorization</text>
      <exit-code>0</exit-code>
      <field nil="true"></field>
    </message>
  </messages>
</response>

4.[wsun@dhcp-8-229 zdm]$ rhc authorization -l wsun+mem3 -p x
appadmin
--------
  Token:      1829536fd86570cdef74f682eb3ccb0b9ec9c6436637bbf047e971c0dc6768a7
  Scopes:     application/774685425587573875539968/admin
  Created:    5:43 PM
  Expires In: 30 days
5.[wsun@dhcp-8-229 ~]$ curl -k -s -H "Accept: application/xml" -H "Authorization: Bearer 1829536fd86570cdef74f682eb3ccb0b9ec9c6436637bbf047e971c0dc6768a7 "  https://ec2-54-234-52-228.compute-1.amazonaws.com/broker/rest/applications/774685425587573875539968
<?xml version="1.0" encoding="UTF-8"?>
<response>
  <status>not_found</status>
  <type nil="true"></type>
  <data>
    <datum nil="true"></datum>
  </data>
  <messages>
    <message>
      <severity>error</severity>
      <text>The requested application was not found.</text>
      <exit-code>101</exit-code>
      <field nil="true"></field>
    </message>
  </messages>
  
</response>


Expected results:
The scope of application could work well

Additional info:
Comment 1 Wei Sun 2013-08-16 08:52:39 UTC 
Test on devenv_3660,create  any scope (admin, edit , view,scale,build) for application,try to do the following allowed options to application with scope,but all failed.It returns "The requested application was not found".

1.Try to view application with view scope
2.Try to view/control application and control cartridge  with edit scope
3.Try to view/control/create application control cartridge with admin scope
4.Try to scale up/down application with scale scope
5.Try to build application with build scope
Comment 2 Clayton Coleman 2013-08-16 16:31:18 UTC 
app uuid (returned by broker) doesn't match the access control calls and interreferences.  Investigating a better way of doing UUID.
Comment 3 Clayton Coleman 2013-08-20 14:18:41 UTC 
This will be fixed by https://github.com/openshift/li/pull/1836 at the beginning of next sprint.  This doesn't block sprint exit because application tokens are non functional.
Comment 4 Clayton Coleman 2013-09-06 18:44:38 UTC 
Fixed by pull.
Comment 5 Wei Sun 2013-09-09 05:12:55 UTC 
Verified on devenv_3758
After creating the scope (admin, edit , view,scale) for application,could do the following options:

1.Try to view application with view scope
2.Try to view/control application and control cartridge  with edit scope
3.Try to view/control/delete application control cartridge with admin scope
4.Try to scale up/down application with scale scope