Bug 1150128 - Pulp raises an authentication exception when a user is not authorized
Summary: Pulp raises an authentication exception when a user is not authorized
Keywords:
Status: CLOSED UPSTREAM
Alias: None
Product: Pulp
Classification: Retired
Component: API/integration
Version: 2.4.0
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
: 2.6.0
Assignee: Jeremy Cline
QA Contact: Irina Gulina
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2014-10-07 13:30 UTC by Randy Barlow
Modified: 2015-02-28 22:38 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-02-28 22:38:28 UTC


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Pulp Redmine 567 0 None None None Never

Description Randy Barlow 2014-10-07 13:30:43 UTC
Description of problem:
Pulp confuses the words authentication and authorization[0]. This leads to confusion with our users[1].

Version-Release number of selected component (if applicable):
2.4.0-1

How reproducible:
Every time.

Steps to Reproduce:
1. Attempt to perform an action that your user is not authorized to perform.

Actual results:
Observe that the raised error is about authentication.

Expected results:
The raised error should be about authorization.

Additional info:
[0] https://github.com/pulp/pulp/blob/master/server/pulp/server/webservices/controllers/decorators.py#L194
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1081534

Comment 1 Jeremy Cline 2014-12-03 21:32:09 UTC
https://github.com/pulp/pulp/pull/1389

Comment 2 Chris Duryee 2014-12-23 20:53:03 UTC
fixed in pulp 2.6.0-0.2.beta

Comment 3 Irina Gulina 2015-01-12 08:42:15 UTC
observed that in pulp 2.4.4 it is about authentication like in https://bugzilla.redhat.com/show_bug.cgi?id=1081534#c11


>>rpm -qa pulp-server
pulp-server-2.6.0-0.2.beta.el6.noarch

>> pulp-consumer -u consumer-admin register --consumer-id test04
Enter password: 
Permission denied: user consumer-admin cannot perform CREATE.

Comment 4 Brian Bouterse 2015-02-28 22:38:28 UTC
Moved to https://pulp.plan.io/issues/567


Note You need to log in before you can comment on or make changes to this bug.