Bug 1192955 - Make "password" not required in pulp-admin for user creation.
Summary: Make "password" not required in pulp-admin for user creation.
Keywords:
Status: CLOSED UPSTREAM
Alias: None
Product: Pulp
Classification: Retired
Component: API/integration
Version: 2.6 Beta
Hardware: Unspecified
OS: Unspecified
medium
low
Target Milestone: ---
: ---
Assignee: pulp-bugs
QA Contact: pulp-qe-list
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2015-02-16 10:37 UTC by Ina Panova
Modified: 2015-02-28 23:24 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-02-28 23:24:05 UTC
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Pulp Redmine 699 0 None None None Never

Description Ina Panova 2015-02-16 10:37:51 UTC 
Description of problem:
in API 'password' should be a required key during user creation as in CLI:

pulp-admin -u admin -p admin auth user create --login test-user

Enter password for user [test-user] : 
Re-enter password for user [test-user]: 

Password cannot be empty

Enter password for user [test-user] : 

If user will be created with API where 'password' can be skipped then it will be impossible to login with that user:

$ curl -i -H "Accept: application/json" -H "WebFrameworkSwitch: django" -X POST -k -u admin:admin -d '{"login":"test-user1"}' 'https://localhost/pulp/api/v2/users/'
HTTP/1.1 201 CREATED
Date: Mon, 16 Feb 2015 10:36:24 GMT
Server: Apache/2.4.10 (Fedora) OpenSSL/1.0.1e-fips mod_wsgi/3.5 Python/2.7.5
Content-Length: 196
Location: https://localhost/pulp/api/v2/users/test-user1/
Content-Type: application/json

{"_id": {"$oid": "54e1c82845ef485a4c9595f7"}, "name": "test-user1", "roles": [], "_ns": "users", "login": "test-user1", "id": "54e1c82845ef485a4c9595f7", "_href": "/pulp/api/v2/users/test-user1/"}[


$ pulp-admin -u test-user1 repo list
Warning: path should have mode 0700 because it may contain sensitive information: /home/ipanova/.pulp/

Enter password: 
+----------------------------------------------------------------------+
                              Repositories
+----------------------------------------------------------------------+

Session Expired

The session certificate expired on Jan 23 08:13:41 2015 GMT.



Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:
Comment 1 Ina Panova 2015-02-16 10:38:29 UTC 
also, docs should be updated http://pulp.readthedocs.org/en/latest/dev-guide/integration/rest-api/user/cud.html#create-a-user
Comment 2 Randy Barlow 2015-02-16 15:08:22 UTC 
Since we do support other forms of authentication that do not involve the password, I believe we should not require the password to be specified. Pulp respects the REMOTE_USER environment variable if set by httpd, so any httpd authentication module can be used. We have an open pull request to add Kerberos support, for example.
Comment 3 Michael Hrivnak 2015-02-16 16:08:09 UTC 
I agree with Randy's assessment.
Comment 4 Brian Bouterse 2015-02-28 23:24:05 UTC 
Moved to https://pulp.plan.io/issues/699
Note You need to log in before you can comment on or make changes to this bug.