1025691 – Can't add/remove members to domain with admin domain token which is generated by domain owner or admin member

Bug 1025691 - Can't add/remove members to domain with admin domain token which is generated by domain owner or admin member

Summary: Can't add/remove members to domain with admin domain token which is generat...

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	OpenShift Online
Classification:	Red Hat
Component:	oc
Sub Component:
Version:	2.x
Hardware:	Unspecified
OS:	Unspecified
Priority:	medium
Severity:	high
Target Milestone:	---
Target Release:	---
Assignee:	Jessica Forrester
QA Contact:	libra bugs
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2013-11-01 10:08 UTC by XiuJuan Wang
Modified:	2015-05-15 02:26 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2014-01-24 03:28:27 UTC
Target Upstream Version:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description XiuJuan Wang 2013-11-01 10:08:36 UTC

Description of problem:

Generate an admin domain token with domain owner or admin member, and try to  add/remove members to a  domain with domain admin token,
it will fail and show "There is no account with login xx".

Version-Release number of selected component (if applicable):
rhc 1.16.8
devenv-stage_546

How reproducible:
always

Steps to Reproduce:
1.create admin domain token with domain owner or admin member
2.Check authorization of this user
3.Add member with a exist account to a domain use domain admin token
4.list members of this user
5.remove a exist member from domain with --token

Actual results:
1.[wxj@wangxiuj]$ rhc authorization-add --scopes domain/52731fff0da65753c2000010/admin --note admin-token
Adding authorization ... done

admin-token
-----------
  Token:      666bd9d6117d714ce8008557f43442e04ec446c34370871ada5346dcd4feb7d6
  Scopes:     domain/52731fff0da65753c2000010/admin
  Created:    5:39 PM
  Expires In: about 6 months
2.[wxj@wangxiuj]$ rhc authorization
admin-token
-----------
  Token:      d1860a56c558b17f858a3b003caf69cb2381d8f18062983195be59a32aec27df
  Scopes:     domain/52734d020da6578e510001ec/admin
  Created:    5:42 PM
  Expires In: about 6 months
3.[wxj@wangxiuj]$ rhc add-member xiuwang+3 -r admin -n xiu --token  d1860a56c558b17f858a3b003caf69cb2381d8f18062983195be59a32aec27df
Adding 1 administrator to domain ... There is no account with login xiuwang+3.

4.[wxj@wangxiuj]$ rhc member-list -n xiu
Login                Role
-------------------- -------------
xiuwang+2 admin (owner)
xiuwang+1 edit
5.[wxj@wangxiuj]$ rhc member-remove xiuwang+1 -n xiu --token d1860a56c558b17f858a3b003caf69cb2381d8f18062983195be59a32aec27df
Removing 1 member from domain ... There is no account with login xiuwang+1.


Expected results:
should add/remove members successfully

Additional info:

Comment 1 Clayton Coleman 2013-11-01 18:56:35 UTC

Will fix for 2.0, does not block sprint 35 exit

Comment 2 Jessica Forrester 2013-11-11 18:57:18 UTC

Fix is in https://github.com/openshift/origin-server/pull/4122

Comment 3 openshift-github-bot 2013-11-11 22:11:20 UTC

Commit pushed to master at https://github.com/openshift/origin-server

https://github.com/openshift/origin-server/commit/9fbbddb6afa37a02a1e78f6eb75aa9f652a35b48
Bug 1025691 - can't add member to a domain when authenticate with token

Comment 4 XiuJuan Wang 2013-11-12 09:37:23 UTC

denenv_4022
lastest rhc build from the server

Now this problem works well

[wxj@wangxiuj .openshift]$ rhc member-add xiuwang+3 -n cat -r admin  --token 892c263cead20d3abd1683829dfaade597b8ad34f77a3401ab7d43201375cba7
Adding 1 administrator to domain ... done

Note You need to log in before you can comment on or make changes to this bug.