1249730 – Running reports produces different errors each time

Bug 1249730 - Running reports produces different errors each time

Summary: Running reports produces different errors each time

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat CloudForms Management Engine
Classification:	Red Hat
Component:	-- Unknown
Sub Component:
Version:	5.5.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	medium
Target Milestone:	GA
Target Release:	5.5.0
Assignee:	Gregg Tanzillo
QA Contact:	Ramesh A
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2015-08-03 16:28 UTC by Ramesh A
Modified:	2015-12-08 13:25 UTC (History)
CC List:	2 users (show)
Fixed In Version:	5.5.0.8
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2015-12-08 13:25:33 UTC
Category:	---
Cloudforms Team:	---
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2015:2551	0	normal	SHIPPED_LIVE	Moderate: CFME 5.5.0 bug fixes and enhancement update	2015-12-08 17:58:09 UTC

Description Ramesh A 2015-08-03 16:28:12 UTC

Description of problem:
Running different reports from appliance throws different errors for each report.  For example the below mentioned report was seen while running the report " Offline VMs with Snapshots"

Not sure if it related to BZ#1249670

Version-Release number of selected component (if applicable):
master.20150803085357_e08ddc8 

How reproducible:
Very

Steps to Reproduce:
1. Navigate to Cloud Intelligence ==> Reports ==> Reports.  Choose a report and Queue it.  (eg. All Reports ==> Operations ==> Virtual Machines ==> Offline VMs with Snapshots)


Actual results:
Below mentioned error is seen in evm.log file

Expected results:
Should not throw any error messages in evm.log file

Additional info:
evm.log
========
[----] I, [2015-08-03T10:49:58.545764 #4502:109b98c]  INFO -- : MIQ(MiqTask#update_status) Task: [16] [Active] [Ok] [Generating report]
[----] E, [2015-08-03T10:49:58.923462 #4502:109b98c] ERROR -- : [SecurityError]: Insecure operation - eval  Method:[rescue in _async_generate_table]
[----] E, [2015-08-03T10:49:58.923763 #4502:109b98c] ERROR -- : /var/www/miq/vmdb/app/models/condition.rb:195:in `eval'
/var/www/miq/vmdb/app/models/condition.rb:195:in `block in _subst_find'
/var/www/miq/vmdb/app/models/condition.rb:195:in `call'
/var/www/miq/vmdb/app/models/condition.rb:195:in `_subst_find'
/var/www/miq/vmdb/app/models/condition.rb:102:in `block in subst'
/var/www/miq/vmdb/app/models/condition.rb:102:in `gsub!'
/var/www/miq/vmdb/app/models/condition.rb:102:in `subst'
/var/www/miq/vmdb/app/models/rbac.rb:504:in `matches_search_filters?'
/var/www/miq/vmdb/app/models/rbac.rb:417:in `block in search'
/opt/rubies/ruby-2.2.2/lib/ruby/gems/2.2.0/gems/activerecord-4.2.3/lib/active_record/relation/delegation.rb:132:in `reject'
/opt/rubies/ruby-2.2.2/lib/ruby/gems/2.2.0/gems/activerecord-4.2.3/lib/active_record/relation/delegation.rb:132:in `public_send'
/opt/rubies/ruby-2.2.2/lib/ruby/gems/2.2.0/gems/activerecord-4.2.3/lib/active_record/relation/delegation.rb:132:in `method_missing'
/opt/rubies/ruby-2.2.2/lib/ruby/gems/2.2.0/gems/activerecord-4.2.3/lib/active_record/relation/delegation.rb:99:in `method_missing'
/var/www/miq/vmdb/app/models/rbac.rb:417:in `search'
/var/www/miq/vmdb/app/models/miq_report/generator.rb:275:in `_generate_table'
/var/www/miq/vmdb/app/models/miq_report/generator.rb:173:in `block in generate_table'
/var/www/miq/vmdb/app/models/user.rb:330:in `with_userid'
/var/www/miq/vmdb/app/models/miq_report/generator.rb:173:in `generate_table'
/var/www/miq/vmdb/app/models/miq_report/generator/async.rb:93:in `_async_generate_table'
/var/www/miq/vmdb/app/models/miq_queue.rb:345:in `block in deliver'
/opt/rubies/ruby-2.2.2/lib/ruby/2.2.0/timeout.rb:89:in `block in timeout'
/opt/rubies/ruby-2.2.2/lib/ruby/2.2.0/timeout.rb:34:in `block in catch'
/opt/rubies/ruby-2.2.2/lib/ruby/2.2.0/timeout.rb:34:in `catch'
/opt/rubies/ruby-2.2.2/lib/ruby/2.2.0/timeout.rb:34:in `catch'
/opt/rubies/ruby-2.2.2/lib/ruby/2.2.0/timeout.rb:104:in `timeout'
/var/www/miq/vmdb/app/models/miq_queue.rb:341:in `deliver'
/var/www/miq/vmdb/lib/workers/queue_worker_base.rb:107:in `deliver_queue_message'
/var/www/miq/vmdb/lib/workers/queue_worker_base.rb:135:in `deliver_message'
/var/www/miq/vmdb/lib/workers/queue_worker_base.rb:152:in `block in do_work'
/var/www/miq/vmdb/lib/workers/queue_worker_base.rb:146:in `loop'
/var/www/miq/vmdb/lib/workers/queue_worker_base.rb:146:in `do_work'
/var/www/miq/vmdb/lib/workers/worker_base.rb:328:in `block in do_work_loop'
/var/www/miq/vmdb/lib/workers/worker_base.rb:325:in `loop'
/var/www/miq/vmdb/lib/workers/worker_base.rb:325:in `do_work_loop'
/var/www/miq/vmdb/lib/workers/worker_base.rb:146:in `run'
/var/www/miq/vmdb/lib/workers/worker_base.rb:127:in `start'
/var/www/miq/vmdb/lib/workers/worker_base.rb:24:in `start_worker'
/var/www/miq/vmdb/lib/workers/bin/worker.rb:3:in `<top (required)>'
/opt/rubies/ruby-2.2.2/lib/ruby/gems/2.2.0/gems/railties-4.2.3/lib/rails/commands/runner.rb:60:in `load'
/opt/rubies/ruby-2.2.2/lib/ruby/gems/2.2.0/gems/railties-4.2.3/lib/rails/commands/runner.rb:60:in `<top (required)>'
/opt/rubies/ruby-2.2.2/lib/ruby/gems/2.2.0/gems/railties-4.2.3/lib/rails/commands/commands_tasks.rb:123:in `require'
/opt/rubies/ruby-2.2.2/lib/ruby/gems/2.2.0/gems/railties-4.2.3/lib/rails/commands/commands_tasks.rb:123:in `require_command!'
/opt/rubies/ruby-2.2.2/lib/ruby/gems/2.2.0/gems/railties-4.2.3/lib/rails/commands/commands_tasks.rb:90:in `runner'
/opt/rubies/ruby-2.2.2/lib/ruby/gems/2.2.0/gems/railties-4.2.3/lib/rails/commands/commands_tasks.rb:39:in `run_command!'
/opt/rubies/ruby-2.2.2/lib/ruby/gems/2.2.0/gems/railties-4.2.3/lib/rails/commands.rb:17:in `<top (required)>'
/var/www/miq/vmdb/bin/rails:4:in `require'
/var/www/miq/vmdb/bin/rails:4:in `<main>'
[----] W, [2015-08-03T10:49:59.057286 #4502:109b98c]  WARN -- : <AuditFailure> MIQ(Async.rescue in _async_generate_table) userid: [admin] - Insecure operation - eval
[----] E, [2015-08-03T10:49:59.108467 #4502:109b98c] ERROR -- : MIQ(MiqQueue#deliver) Message id: [4971], Error: [Insecure operation - eval]
[----] E, [2015-08-03T10:49:59.108710 #4502:109b98c] ERROR -- : [SecurityError]: Insecure operation - eval  Method:[rescue in deliver]
[----] E, [2015-08-03T10:49:59.108809 #4502:109b98c] ERROR -- : /var/www/miq/vmdb/app/models/condition.rb:195:in `eval'
/var/www/miq/vmdb/app/models/condition.rb:195:in `block in _subst_find'
/var/www/miq/vmdb/app/models/condition.rb:195:in `call'
/var/www/miq/vmdb/app/models/condition.rb:195:in `_subst_find'
/var/www/miq/vmdb/app/models/condition.rb:102:in `block in subst'
/var/www/miq/vmdb/app/models/condition.rb:102:in `gsub!'
/var/www/miq/vmdb/app/models/condition.rb:102:in `subst'
/var/www/miq/vmdb/app/models/rbac.rb:504:in `matches_search_filters?'
/var/www/miq/vmdb/app/models/rbac.rb:417:in `block in search'
/opt/rubies/ruby-2.2.2/lib/ruby/gems/2.2.0/gems/activerecord-4.2.3/lib/active_record/relation/delegation.rb:132:in `reject'
/opt/rubies/ruby-2.2.2/lib/ruby/gems/2.2.0/gems/activerecord-4.2.3/lib/active_record/relation/delegation.rb:132:in `public_send'
/opt/rubies/ruby-2.2.2/lib/ruby/gems/2.2.0/gems/activerecord-4.2.3/lib/active_record/relation/delegation.rb:132:in `method_missing'
/opt/rubies/ruby-2.2.2/lib/ruby/gems/2.2.0/gems/activerecord-4.2.3/lib/active_record/relation/delegation.rb:99:in `method_missing'
/var/www/miq/vmdb/app/models/rbac.rb:417:in `search'
/var/www/miq/vmdb/app/models/miq_report/generator.rb:275:in `_generate_table'
/var/www/miq/vmdb/app/models/miq_report/generator.rb:173:in `block in generate_table'
/var/www/miq/vmdb/app/models/user.rb:330:in `with_userid'
/var/www/miq/vmdb/app/models/miq_report/generator.rb:173:in `generate_table'
/var/www/miq/vmdb/app/models/miq_report/generator/async.rb:93:in `_async_generate_table'
/var/www/miq/vmdb/app/models/miq_queue.rb:345:in `block in deliver'
/opt/rubies/ruby-2.2.2/lib/ruby/2.2.0/timeout.rb:89:in `block in timeout'
/opt/rubies/ruby-2.2.2/lib/ruby/2.2.0/timeout.rb:34:in `block in catch'
/opt/rubies/ruby-2.2.2/lib/ruby/2.2.0/timeout.rb:34:in `catch'
/opt/rubies/ruby-2.2.2/lib/ruby/2.2.0/timeout.rb:34:in `catch'
/opt/rubies/ruby-2.2.2/lib/ruby/2.2.0/timeout.rb:104:in `timeout'
/var/www/miq/vmdb/app/models/miq_queue.rb:341:in `deliver'
/var/www/miq/vmdb/lib/workers/queue_worker_base.rb:107:in `deliver_queue_message'
/var/www/miq/vmdb/lib/workers/queue_worker_base.rb:135:in `deliver_message'
/var/www/miq/vmdb/lib/workers/queue_worker_base.rb:152:in `block in do_work'
/var/www/miq/vmdb/lib/workers/queue_worker_base.rb:146:in `loop'
/var/www/miq/vmdb/lib/workers/queue_worker_base.rb:146:in `do_work'
/var/www/miq/vmdb/lib/workers/worker_base.rb:328:in `block in do_work_loop'
/var/www/miq/vmdb/lib/workers/worker_base.rb:325:in `loop'
/var/www/miq/vmdb/lib/workers/worker_base.rb:325:in `do_work_loop'
/var/www/miq/vmdb/lib/workers/worker_base.rb:146:in `run'
/var/www/miq/vmdb/lib/workers/worker_base.rb:127:in `start'
/var/www/miq/vmdb/lib/workers/worker_base.rb:24:in `start_worker'
/var/www/miq/vmdb/lib/workers/bin/worker.rb:3:in `<top (required)>'
/opt/rubies/ruby-2.2.2/lib/ruby/gems/2.2.0/gems/railties-4.2.3/lib/rails/commands/runner.rb:60:in `load'
/opt/rubies/ruby-2.2.2/lib/ruby/gems/2.2.0/gems/railties-4.2.3/lib/rails/commands/runner.rb:60:in `<top (required)>'
/opt/rubies/ruby-2.2.2/lib/ruby/gems/2.2.0/gems/railties-4.2.3/lib/rails/commands/commands_tasks.rb:123:in `require'
/opt/rubies/ruby-2.2.2/lib/ruby/gems/2.2.0/gems/railties-4.2.3/lib/rails/commands/commands_tasks.rb:123:in `require_command!'
/opt/rubies/ruby-2.2.2/lib/ruby/gems/2.2.0/gems/railties-4.2.3/lib/rails/commands/commands_tasks.rb:90:in `runner'
/opt/rubies/ruby-2.2.2/lib/ruby/gems/2.2.0/gems/railties-4.2.3/lib/rails/commands/commands_tasks.rb:39:in `run_command!'
/opt/rubies/ruby-2.2.2/lib/ruby/gems/2.2.0/gems/railties-4.2.3/lib/rails/commands.rb:17:in `<top (required)>'
/var/www/miq/vmdb/bin/rails:4:in `require'
/var/www/miq/vmdb/bin/rails:4:in `<main>'

Comment 2 CFME Bot 2015-08-11 15:06:33 UTC

https://github.com/ManageIQ/manageiq/pull/3806

Comment 3 Gregg Tanzillo 2015-08-18 13:06:01 UTC

Pull request: https://github.com/ManageIQ/manageiq/pull/3806

Comment 4 CFME Bot 2015-10-27 03:46:55 UTC

https://github.com/ManageIQ/manageiq/pull/5138

Comment 5 CFME Bot 2015-10-27 04:59:19 UTC

New commit detected on ManageIQ/manageiq/master:
https://github.com/ManageIQ/manageiq/commit/7f2e2f0851c15668dd780676e85f9aa781acb06b

commit 7f2e2f0851c15668dd780676e85f9aa781acb06b
Author:     Gregg Tanzillo <gtanzill>
AuthorDate: Mon Aug 17 10:22:47 2015 -0400
Commit:     Gregg Tanzillo <gtanzill>
CommitDate: Mon Oct 26 22:35:17 2015 -0400

    Reinstated code that evaluates ruby expression in conditions.
    
    This is required for supporting find/check expressions that can be created in the reporting UI filter tab.
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1249730

 app/models/condition.rb | 43 ++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 42 insertions(+), 1 deletion(-)

Comment 6 CFME Bot 2015-10-27 04:59:25 UTC

New commit detected on ManageIQ/manageiq/master:
https://github.com/ManageIQ/manageiq/commit/af418714eb97e84d07def3e552012cd5fe24672f

commit af418714eb97e84d07def3e552012cd5fe24672f
Author:     Gregg Tanzillo <gtanzill>
AuthorDate: Mon Aug 17 10:31:20 2015 -0400
Commit:     Gregg Tanzillo <gtanzill>
CommitDate: Mon Oct 26 22:43:11 2015 -0400

    Robocop - updated to use stabby lambda.
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1249730

 spec/models/condition_spec.rb | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

Comment 7 CFME Bot 2015-10-27 04:59:31 UTC

New commit detected on ManageIQ/manageiq/master:
https://github.com/ManageIQ/manageiq/commit/8a19b2de5d635e7084ee77f20c11202bce877033

commit 8a19b2de5d635e7084ee77f20c11202bce877033
Author:     Gregg Tanzillo <gtanzill>
AuthorDate: Tue Sep 1 14:37:56 2015 -0400
Commit:     Gregg Tanzillo <gtanzill>
CommitDate: Mon Oct 26 22:43:28 2015 -0400

    Restricted operator in check expression to one of == != < > <= >= to prevent unsafe operation.
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1249730

 app/models/condition.rb       | 2 ++
 spec/models/condition_spec.rb | 5 +++++
 2 files changed, 7 insertions(+)

Comment 8 Ramesh A 2015-11-16 08:33:41 UTC

Good to go.  Verified and working fine in 5.5.0.10-beta2.1.20151110134042_d6f5459

Comment 10 errata-xmlrpc 2015-12-08 13:25:33 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2015:2551

Note You need to log in before you can comment on or make changes to this bug.