Bug 1138253 - Add user via RESTAPI fails with wrong user_name
Summary: Add user via RESTAPI fails with wrong user_name
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Enterprise Virtualization Manager
Classification: Red Hat
Component: ovirt-engine
Version: 3.5.0
Hardware: Unspecified
OS: Unspecified
unspecified
high
Target Milestone: ---
: 3.5.0
Assignee: Yair Zaslavsky
QA Contact: Nelly Credi
URL:
Whiteboard: Infra
Depends On:
Blocks: oVirt-AAA-rewrite rhev3.5beta 1156165
TreeView+ depends on / blocked
 
Reported: 2014-09-04 11:27 UTC by Nelly Credi
Modified: 2015-02-11 20:55 UTC (History)
14 users (show)

Fixed In Version: vt3
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-02-11 20:55:29 UTC
oVirt Team: ---
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
oVirt gerrit 32481 0 master MERGED aaa: Failure to add user name in rest-api due to wrong username Never
oVirt gerrit 32511 0 ovirt-engine-3.5 MERGED aaa: Failure to add user name in rest-api due to wrong username Never

Description Nelly Credi 2014-09-04 11:27:47 UTC 
Description of problem:
user_name field has duplicate domain: user@domain@domain

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.create user
2.
3.

Actual results:
2014-09-04 13:26:04,024 - MainThread - users - DEBUG - Response body for CREATE request is: 
<user href="/ovirt-engine/api/users/ae5cd7ba-2783-4ef2-a134-2e3127d39934" id="ae5cd7ba-2783-4ef2-a134-2e3127d39934">
    <name>xxx</name>
    <link href="/ovirt-engine/api/users/ae5cd7ba-2783-4ef2-a134-2e3127d39934/permissions" rel="permissions"/>
    <link href="/ovirt-engine/api/users/ae5cd7ba-2783-4ef2-a134-2e3127d39934/roles" rel="roles"/>
    <link href="/ovirt-engine/api/users/ae5cd7ba-2783-4ef2-a134-2e3127d39934/tags" rel="tags"/>
    <domain href="/ovirt-engine/api/domains/71612e6c-6162-2e74-6c76-2e7265646861" id="71612e6c-6162-2e74-6c76-2e7265646861"/>
    <domain_entry_id>61323461393732632D383736372D343565622D386263612D613863373439333234343666</domain_entry_id>
    <namespace>*</namespace>
    <user_name>xxx.tlv.redhat.com.tlv.redhat.com</user_name>
    <principal>xxx.tlv.redhat.com</principal>
</user>

Expected results:
<user_name>xxx.tlv.redhat.com</user_name>

Additional info:
Comment 1 Juan Hernández 2014-09-04 11:49:44 UTC 
The RESTAPI puts in the "user_name" element the long name of the user followed by @ and the domain name. In this case it looks like the backend populating the login name incorrectly.
Comment 2 Alon Bar-Lev 2014-09-04 12:15:59 UTC 
Yair, it seems that legacy provider adds @domain to principal?

    <user_name>istein.tlv.redhat.com.tlv.redhat.com</user_name>
    <principal>istein.tlv.redhat.com</principal>
Comment 3 Alon Bar-Lev 2014-09-04 12:23:27 UTC 
I think I know why it happens.

This is because we put the principal within the user name within the user table now.

So the restapi assumes this is the user name, although the user name may be out of date and never actually updated.

Is there a reason for the legacy provider to have principal name with @suffix?

If there is, options:
1. have two fields in database one for the legacy user name, the other for principal, the principal is to be used at ui.
2. revert and put the legacy user name within database, will make ui less readable but...
Comment 4 Alon Bar-Lev 2014-09-04 12:24:57 UTC 
Another option... remove the @xxxx append to user name of the restapi?
Comment 5 Nelly Credi 2014-09-04 12:31:01 UTC 
BTW it also happens in CLI API
Comment 6 Eyal Edri 2014-09-10 20:21:54 UTC 
fixed in vt3, moving to on_qa.
if you believe this bug isn't released in vt3, please report to rhev-integ
Note You need to log in before you can comment on or make changes to this bug.