Bug 1262604 - [AAA] ovirt-engine-role.sh fixups
Summary: [AAA] ovirt-engine-role.sh fixups
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: ovirt-engine
Classification: oVirt
Component: AAA
Version: 3.5.0
Hardware: Unspecified
OS: Unspecified
unspecified
medium
Target Milestone: ovirt-3.6.0-rc
: 3.6.0
Assignee: Alon Bar-Lev
QA Contact: Ondra Machacek
URL:
Whiteboard: infra
Depends On:
Blocks: 1276939
TreeView+ depends on / blocked
 
Reported: 2015-09-13 10:27 UTC by Alon Bar-Lev
Modified: 2016-02-10 19:14 UTC (History)
9 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 1276939 (view as bug list)
Environment:
Last Closed: 2015-11-27 07:50:10 UTC
oVirt Team: Infra
Embargoed:
alonbl: ovirt-3.6.0?
rule-engine: planning_ack?
alonbl: devel_ack+
pnovotny: testing_ack+

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
oVirt gerrit 46085 0 master MERGED aaa: attach_user_to_role: user id may be unique within provider Never
oVirt gerrit 46086 0 master MERGED aaa: attach_user_to_role: add missing namespace attribute Never
oVirt gerrit 46087 0 master MERGED aaa: attach_user_to_role: rename parameters to match product conventions Never
oVirt gerrit 46200 0 ovirt-engine-3.6 MERGED aaa: attach_user_to_role: user id may be unique within provider Never
oVirt gerrit 46201 0 ovirt-engine-3.6 MERGED aaa: attach_user_to_role: add missing namespace attribute Never
oVirt gerrit 46202 0 ovirt-engine-3.6 MERGED aaa: attach_user_to_role: rename parameters to match product conventions Never
oVirt gerrit 46203 0 ovirt-engine-3.5 MERGED aaa: attach_user_to_role: user id may be unique within provider Never
oVirt gerrit 46204 0 ovirt-engine-3.5 MERGED aaa: attach_user_to_role: add missing namespace attribute Never
oVirt gerrit 46205 0 ovirt-engine-3.5 MERGED aaa: attach_user_to_role: rename parameters to match product conventions Never

Description Alon Bar-Lev 2015-09-13 10:27:38 UTC 
CURRENT BEHAVIOUR

# PGPASSWORD=xxx psql -h localhost -U engine -d engine -c 'select domain, external_id from users;'
     domain     |             external_id              
----------------+--------------------------------------
 internal-authz | ae93e5fd-9f3b-4392-8eff-f09ebe12b9f1

#  /usr/share/ovirt-engine/bin/ovirt-engine-role.sh --command=add --user-name=admin --provider=internal-authz1234 --provider-id=ae93e5fd-9f3b-4392-8eff-f09ebe12b9f1 --role=SuperUser

# PGPASSWORD=UJHJLSDjr7MAlIQiaebBSs psql -h localhost -U engine -d engine -c 'select domain, external_id from users;'     domain     |             external_id              
----------------+--------------------------------------
 internal-authz | ae93e5fd-9f3b-4392-8eff-f09ebe12b9f1

EXPECTED BEHAVIOUR

The user from internal-authz1234 should be added, even if the provider-id is the same as other providers, uniqueness is per provider.
Comment 1 Alon Bar-Lev 2015-09-13 11:11:20 UTC 
1. provider id should be unique within provider.
2. namespace is missing
3. parameter do not confirm to other product terms.
Comment 2 Red Hat Bugzilla Rules Engine 2015-10-18 08:21:45 UTC 
Fixed bug tickets must have version flags set prior to fixing them. Please set the correct version flags and move the bugs back to the previous status after this is corrected.
Comment 3 Eyal Edri 2015-11-01 14:25:17 UTC 
this bug has both 3.5.z & 3.6.0 flags, in bugzilla lang it means its a clone candidate from 3.6.0 to 3.5.z meaning it's pending a clone and wasn't fixed for 3.5.z.

if this isn't the case, please fix flags accordingly,
if it is the case, then please clone the bugs to 3.5.7 (3.5.6 was built already)
Comment 4 Alon Bar-Lev 2015-11-01 15:02:57 UTC 
(In reply to Eyal Edri from comment #3)
> this bug has both 3.5.z & 3.6.0 flags, in bugzilla lang it means its a clone
> candidate from 3.6.0 to 3.5.z meaning it's pending a clone and wasn't fixed
> for 3.5.z.
> 
> if this isn't the case, please fix flags accordingly,
> if it is the case, then please clone the bugs to 3.5.7 (3.5.6 was built
> already)

bug#1276939 cloned.
this clone thing is something of downstream should go away.
Comment 5 Red Hat Bugzilla Rules Engine 2015-11-01 15:03:02 UTC 
This bug is not marked for z-stream, yet the milestone is for a z-stream version, therefore the milestone has been reset.
Please set the correct milestone or add the z-stream flag.
Comment 6 Red Hat Bugzilla Rules Engine 2015-11-01 15:03:02 UTC 
Fixed bug tickets must have target milestone set prior to fixing them. Please set the correct milestone and move the bugs back to the previous status after this is corrected.
Comment 7 Red Hat Bugzilla Rules Engine 2015-11-01 15:03:02 UTC 
Target release should be placed once a package build is known to fix a issue. Since this bug is not modified, the target version has been reset. Please use target milestone to plan a fix for a oVirt release.
Comment 8 Ondra Machacek 2015-11-13 08:27:55 UTC 
Usage: /usr/share/ovirt-engine/bin/ovirt-engine-role.sh [OPTIONS]

    --authz-name=name        Name of authorization provider instace.
    --principal-namespace=ns Namespace within provider.
    --principal-id=id        Unique user id within provider.
Comment 9 Sandro Bonazzola 2015-11-27 07:50:10 UTC 
Since oVirt 3.6.0 has been released, moving from verified to closed current release.
Note You need to log in before you can comment on or make changes to this bug.