Description of problem: A repository with a '.' in the repo-id will fail when trying to grant permission to a role-id to that repository. Version-Release number of selected component (if applicable): pulp 2.3.1-1.el6.noarch How reproducible: Everytime Steps to Reproduce: 1. create a repo with a '.' in the name (i.e. rhel6.3-production) 2. create a new user & role (i.e. test/test) 3. pulp-admin auth permission grant --resource="/v2/repositories/rhel6.3-production/" -o execute -o update -o read -o delete --role-id="test" Actual results: An internal error occurred on the Pulp server. More information can be found in the client log file ~/.pulp/admin.log. -- From log -- "exception": [ "InvalidDocument: key '/v2/repositories/rhel6.2-qa-staging/' must not contain '.'\n" ], Expected results: This works when a --login=test is specified, but fails when --role-id is specified. Additional info:
I was able to reproduce this problem. Looking at the code, it looks like we are storing permissions for roles in the Roles collection as opposed to in the permissions collection. They are stored with resource as the key and tuple of allowed operations as the value. Since keys in mongo cannot have "." in them, we are seeing the error. We should do what we do for Users which is saving permissions for them in the permissions collection.
https://bugzilla.redhat.com/show_bug.cgi?id=1099649
Reviewed and merged https://github.com/pulp/pulp/pull/1394 submitted by a community member. Moving to modified
Moved to https://pulp.plan.io/issues/433