Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1099649

Summary: Permission Grant : Role-id Issue
Product: [Retired] Pulp Reporter: Ben Stromski <bstromski>
Component: API/integrationAssignee: Sayli Karmarkar <skarmark>
Status: CLOSED UPSTREAM QA Contact: pulp-qe-list
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: austin, cperry, pcreech17, skarmark
Target Milestone: ---Keywords: Triaged
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-02-28 22:06:45 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Ben Stromski 2014-05-20 20:12:08 UTC 
Description of problem:
A repository with a '.' in the repo-id will fail when trying to grant permission to a role-id to that repository.

Version-Release number of selected component (if applicable):
pulp 2.3.1-1.el6.noarch

How reproducible:
Everytime

Steps to Reproduce:
1. create a repo with a '.' in the name (i.e. rhel6.3-production)
2. create a new user & role (i.e. test/test)
3. pulp-admin auth permission grant --resource="/v2/repositories/rhel6.3-production/" -o execute -o update -o read -o delete --role-id="test"

Actual results:
An internal error occurred on the Pulp server. More information can be found in
the client log file ~/.pulp/admin.log.

-- From log --
  "exception": [
    "InvalidDocument: key '/v2/repositories/rhel6.2-qa-staging/' must not contain '.'\n"
  ],

Expected results:
This works when a --login=test is specified, but fails when --role-id is specified.

Additional info:
Comment 1 Sayli Karmarkar 2014-05-21 01:57:56 UTC 
I was able to reproduce this problem. Looking at the code, it looks like we are storing permissions for roles in the Roles collection as opposed to in the permissions collection. They are stored with resource as the key and tuple of allowed operations as the value. Since keys in mongo cannot have "." in them, we are seeing the error. We should do what we do for Users which is saving permissions for them in the permissions collection.
Comment 2 amacdona@redhat.com 2014-11-17 20:22:18 UTC 
https://bugzilla.redhat.com/show_bug.cgi?id=1099649
Comment 3 Sayli Karmarkar 2015-01-12 22:16:53 UTC 
Reviewed and merged https://github.com/pulp/pulp/pull/1394 submitted by a community member. Moving to modified
Comment 4 Brian Bouterse 2015-02-28 22:06:45 UTC 
Moved to https://pulp.plan.io/issues/433