1126731 – UI should throw proper validation error while updating some params with any random value(like utf-8 or -ve values)

Bug 1126731 - UI should throw proper validation error while updating some params with any random value(like utf-8 or -ve values)

Summary: UI should throw proper validation error while updating some params with any r...

Keywords:
Status:	CLOSED NEXTRELEASE
Alias:	None
Product:	Red Hat Satellite
Classification:	Red Hat
Component:	Settings
Sub Component:
Version:	6.0.4
Hardware:	Unspecified
OS:	Unspecified
Priority:	medium
Severity:	low
Target Milestone:	Unspecified
Assignee:	Ondřej Pražák
QA Contact:	Sanket Jagtap
Docs Contact:
URL:	http://projects.theforeman.org/issues...
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2014-08-05 07:25 UTC by Sachin Ghai
Modified:	2019-09-26 17:39 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2017-08-01 19:57:43 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)
param 'libvirt_default_console_address' and 'remote_addr' updated with utf8 chars (38.61 KB, image/png) 2014-08-05 07:25 UTC, Sachin Ghai	no flags	Details
parameters whose value should be an url can contain utf8 chars (58.94 KB, image/png) 2014-08-05 07:30 UTC, Sachin Ghai	no flags	Details
Trusted Puppet master screenshot (118.03 KB, image/png) 2016-06-01 11:30 UTC, Sanket Jagtap	no flags	Details
more options that requires checks (email) (56.03 KB, image/png) 2016-06-01 11:31 UTC, Sanket Jagtap	no flags	Details
View All

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Foreman Issue Tracker	6924	0	None	None	None	2016-04-22 16:52:45 UTC

Description Sachin Ghai 2014-08-05 07:25:42 UTC

Created attachment 924115 [details]
param 'libvirt_default_console_address' and 'remote_addr' updated with utf8 chars

Description of problem:
I'm bit confused with the validation around the parameter those should contain a valid URL as a value or an IP address as a value.

For example:

if I update "unattended_url" parameter under provisioning tab with utf8 characters then UI throws error "Value must be a valid URI"

Similarly, If I update following params, with any value, UI doesn't raise any error:

- login_delegation_logout_url : accepts all values (-ve value, null values, utf-8, latin-1, html etc)

- signo_url: accepts all values (-ve value, null values, utf-8, latin-1, html etc)

- trusted_puppetmaster_hosts : Since its accepts value in an array, so I can add any value (-ve, null, html) between [].


Also, the parameters whose value can be a IP address should also be validated before accepting the value.

libvirt_default_console_address: accepts all values (-ve value, null values, utf-8, latin-1, html etc)

remote_addr: accepts all values (-ve value, null values, utf-8, latin-1, html etc)


Version-Release number of selected component (if applicable):
sat6 GA snap3

How reproducible:
always

Steps to Reproduce:
1. update all above mentioned parameters under settings menu with some unknown random value.
2.
3.

Actual results:
No validation around above parameters. User can edit all these parameters with any value. A parameter whose value should be only a URL can accept anything. or a param whose value should be an IP address can accept utf8 characters. 

Expected results:
Proper validation needs to be placed for parameters. As soon as user input any value, it should be validated by UI and user should get an error message if its a invalid value.

Additional info:

Comment 1 Sachin Ghai 2014-08-05 07:30:22 UTC

Created attachment 924116 [details]
parameters whose value should be an url can contain utf8 chars

Comment 3 Dominic Cleal 2014-08-05 08:00:18 UTC

Created redmine issue http://projects.theforeman.org/issues/6924 from this bug

Comment 4 Bryan Kearney 2015-08-25 17:59:50 UTC

Upstream bug component is Provisioning

Comment 5 Bryan Kearney 2015-09-02 17:23:09 UTC

Upstream bug component is Settings

Comment 6 Bryan Kearney 2016-03-14 18:14:02 UTC

Moving to POST since upstream bug http://projects.theforeman.org/issues/6924 has been closed
-------------
Ondřej Pražák
Applied in changeset commit:7339369dc896aa9eb3c0bdc1af7992dd6268acfd.

Comment 7 Sanket Jagtap 2016-06-01 11:30:02 UTC

Created attachment 1163585 [details]
Trusted Puppet master screenshot

Issue still persists in Trusted Puppet master hosts options.
No validation for parameters.

and other options that were not validated are 

Administrator email address
Email reply address
root password in provisioning settings

attached screenshots of the same.

Comment 8 Sanket Jagtap 2016-06-01 11:31:10 UTC

Created attachment 1163586 [details]
more options that requires checks (email)

Comment 9 Sanket Jagtap 2016-06-01 11:32:09 UTC

Build :Satellite 6.2 snap13.1

Comment 10 Ondřej Pražák 2016-06-02 11:08:59 UTC

Could you elaborate on what characters should be accepted in the root password? Should it be ascii only?

Comment 11 Sanket Jagtap 2016-06-06 15:51:53 UTC

Sorry for hasty comment ,
rechecked the facts , root password can contain other char-set.

Comment 12 Ondřej Pražák 2016-06-10 07:49:00 UTC

Pending PR for upstream that validates Administrator email address, Email reply address and Trusted puppetmaster hosts:

https://github.com/theforeman/foreman/pull/3583

Comment 14 Zach Huntington-Meath 2016-07-21 18:33:20 UTC

As the upstream commit has been merged I'm going to change the status to Post.

Comment 16 Bryan Kearney 2017-08-01 19:57:43 UTC

The fix to this bug will be delivered with release 6.3 of Satellite.

Note You need to log in before you can comment on or make changes to this bug.