Description of problem: Version-Release number of selected component (if applicable): rhevm-restapi-3.5.0-0.10.master.el6ev.noarch How reproducible: always Steps to Reproduce:curl -v -k -X GET -H "Accept: application/xml" -H "Content-Type: application/xml" -H "Filter: false" -u "admin@internal:123456" https://localhost:443/api/roles/00000000-0000-0000-0000-000000000001/permits * About to connect() to localhost port 443 (#0) * Trying ::1... connected * Connected to localhost (::1) port 443 (#0) * Initializing NSS with certpath: sql:/etc/pki/nssdb * warning: ignoring value of ssl.verifyhost * skipping SSL peer certificate verification * SSL connection using TLS_DHE_RSA_WITH_AES_256_CBC_SHA * Server certificate: * subject: CN=om-rh35.rhev.lab.eng.brq.redhat.com,O=rhev.lab.eng.brq.redhat.com,C=US * start date: Sep 08 07:07:56 2014 GMT * expire date: Aug 14 07:07:56 2019 GMT * common name: om-rh35.rhev.lab.eng.brq.redhat.com * issuer: CN=om-rh35.rhev.lab.eng.brq.redhat.com.82550,O=rhev.lab.eng.brq.redhat.com,C=US * Server auth using Basic with user 'admin@internal' > GET /api/roles/00000000-0000-0000-0000-000000000001/permits HTTP/1.1 > User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.3.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2 > Host: localhost > Accept: application/xml > Content-Type: application/xml > Filter: false > < HTTP/1.1 500 Internal Server Error < Date: Tue, 09 Sep 2014 07:15:13 GMT < Content-Type: application/xml < Content-Length: 103 < Vary: Accept-Encoding < Connection: close < * Closing connection #0 <?xml version="1.0" encoding="UTF-8" standalone="yes"?><fault><reason>Operation Failed</reason></fault> Expected results: list of superuser permits 2014-09-09 09:16:47,463 INFO [org.ovirt.engine.core.bll.aaa.LoginUserCommand] (ajp-/127.0.0.1:8702-6) Running command: LoginUserCommand internal: false. 2014-09-09 09:16:47,472 INFO [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (ajp-/127.0.0.1:8702-6) Correlation ID: null, Call Stack: null, Custom Event ID: -1, Message: User admin logged in. 2014-09-09 09:16:47,510 ERROR [org.ovirt.engine.api.restapi.resource.validation.MappingExceptionMapper] (ajp-/127.0.0.1:8702-6) org.ovirt.engine.api.restapi.utils.MappingException: java.lang.reflect.InvocationTargetException 2014-09-09 09:16:47,517 INFO [org.ovirt.engine.core.bll.aaa.LogoutBySessionCommand] (ajp-/127.0.0.1:8702-6) [3ae2e2b4] Running command: LogoutBySessionCommand internal: false. 2014-09-09 09:16:47,520 INFO [org.ovirt.engine.core.bll.aaa.LogoutUserCommand] (ajp-/127.0.0.1:8702-6) [31785114] Running command: LogoutUserCommand internal: false. 2014-09-09 09:16:47,528 INFO [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (ajp-/127.0.0.1:8702-6) [31785114] Correlation ID: 31785114, Call Stack: null, Custom Event ID: -1, Message: User admin logged out.
Same for 'ClusterAdmin' and 'DataCenterAdmin.
This happens because the database table "roles_groups" contains two rows with values for the "action_group_id" column that don't exist in the backend "ActionGroup" enum. As a result when these rows are loaded the action group is null, and accessing it triggers a NPE. The wrong values are 130 and 131. These have been introduced in the following patch in order to fix bug 989546: http://gerrit.ovirt.org/25685
*** Bug 1140636 has been marked as a duplicate of this bug. ***
ok, ovirt-engine-backend-3.5.0-0.0.master.20140911085455.gite1c5ffd.el6.noarch # curl -s -k -X GET -H "Accept: application/xml" -H "Content-Type: application/xml" -H "Filter: false" -u "admin@internal:123456" https://localhost:443/api/roles/00000000-0000-0000-0000-000000000001/permits | grep '<name>' | nl | tail 68 <name>access_image_storage</name> 69 <name>tag_management</name> 70 <name>bookmark_management</name> 71 <name>event_notification_management</name> 72 <name>manipulate_affinity_groups</name> 73 <name>add_users_and_groups_from_directory</name> 74 <name>audit_log_management</name> 75 <name>configure_storage_disk_profile</name> 76 <name>create_storage_disk_profile</name> 77 <name>delete_storage_disk_profile</name>l
oVirt 3.5 has been released and should include the fix for this issue.