Bug 1036064 - Add whitespace as scopes will take userinfo as scopes without help info prompting when add authorization
Summary: Add whitespace as scopes will take userinfo as scopes without help info promp...
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: OpenShift Online
Classification: Red Hat
Component: oc
Version: 2.x
Hardware: Unspecified
OS: Unspecified
low
low
Target Milestone: ---
: ---
Assignee: Jordan Liggitt
QA Contact: libra bugs
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2013-11-29 10:32 UTC by weiwei jiang
Modified: 2015-05-15 02:26 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2014-01-30 00:51:21 UTC
Target Upstream Version:

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description weiwei jiang 2013-11-29 10:32:23 UTC 
Description of problem:
when add authorization with whitespace scopes "rhc authorization add --scopes ''", it will take userinfo as scopes and pass without error messages.
According the help doc of web console, userinfo scopes is the default scopes, but this point does not exist in the help info of rhc.

Version-Release number of selected component (if applicable):
devenv_4083
rhc-1.18.0

How reproducible:
always

Steps to Reproduce:
1.Add a authorization with whitespace scopes
rhc authorization add --scopes ""
rhc authorization add --scopes " "
2.
3.

Actual results:
It passed with userinfo scopes.

Expected results:
The following should just exist one:
1.The help info should prompt that userinfo is the default scopes, means when add whitespace as scopes will take default scopes.
2.Deny this usage, the scopes must be a valid string, should not be whitespace

Additional info:
Comment 1 Jordan Liggitt 2013-12-04 18:47:19 UTC 
Will merge in https://github.com/openshift/rhc/pull/520
Comment 2 openshift-github-bot 2013-12-04 23:43:43 UTC 
Commit pushed to master at https://github.com/openshift/rhc

https://github.com/openshift/rhc/commit/d3fd6cabf211b90dce5c099dbd8576b39a984b50
Fix bug 1036064: display scopes help when passing empty scopes on command line
Comment 3 weiwei jiang 2013-12-05 05:26:06 UTC 
Tried on devenv_4098 with rhc build from it and results as following:

# rhc authorization add --scopes ""
When adding an authorization, you must specify which permissions clients will have.

Scope                 Description
--------------------- ---------------------------------------------------------------------------------------------------------------------------------------------
session               Grants a client the authority to perform all API actions against your account. Valid for about 1 month.
read                  Allows the client to access resources you own without making changes. Does not allow access to view authorization tokens. Valid for 6 months.
userinfo              Allows a client to view your login name, unique id, and your user capabilities. Valid for 6 months.
domain/:id/view       Grant read-only access to a single domain. Valid for 6 months.
domain/:id/edit       Grant edit access to a single domain and all its applications. Valid for 6 months.
domain/:id/admin      Grant full administrative access to a single domain and all its applications. Valid for 6 months.
application/:id/view  Grant read-only access to a single application. Valid for 6 months.
application/:id/edit  Grant edit access to a single application. Valid for 6 months.
application/:id/admin Grant full administrative access to a single application. Valid for 6 months.

You may pass multiple scopes to the --scopes option inside of double quotes (--scopes "scope1 scope2") or by separating them with commas (--scopes scope1,scope2).

Run 'rhc authorization add --help' to see more options

So, can not reproduce this issue.
Note You need to log in before you can comment on or make changes to this bug.