Bug 1262604 - [AAA] ovirt-engine-role.sh fixups
[AAA] ovirt-engine-role.sh fixups
Status: CLOSED CURRENTRELEASE
Product: ovirt-engine
Classification: oVirt
Component: AAA (Show other bugs)
3.5.0
Unspecified Unspecified
unspecified Severity medium (vote)
: ovirt-3.6.0-rc
: 3.6.0
Assigned To: Alon Bar-Lev
Ondra Machacek
infra
: CodeChange
Depends On:
Blocks: 1276939
  Show dependency treegraph
 
Reported: 2015-09-13 06:27 EDT by Alon Bar-Lev
Modified: 2016-02-10 14:14 EST (History)
9 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 1276939 (view as bug list)
Environment:
Last Closed: 2015-11-27 02:50:10 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: Infra
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
alonbl: ovirt‑3.6.0?
rule-engine: planning_ack?
alonbl: devel_ack+
pnovotny: testing_ack+


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
oVirt gerrit 46085 master MERGED aaa: attach_user_to_role: user id may be unique within provider Never
oVirt gerrit 46086 master MERGED aaa: attach_user_to_role: add missing namespace attribute Never
oVirt gerrit 46087 master MERGED aaa: attach_user_to_role: rename parameters to match product conventions Never
oVirt gerrit 46200 ovirt-engine-3.6 MERGED aaa: attach_user_to_role: user id may be unique within provider Never
oVirt gerrit 46201 ovirt-engine-3.6 MERGED aaa: attach_user_to_role: add missing namespace attribute Never
oVirt gerrit 46202 ovirt-engine-3.6 MERGED aaa: attach_user_to_role: rename parameters to match product conventions Never
oVirt gerrit 46203 ovirt-engine-3.5 MERGED aaa: attach_user_to_role: user id may be unique within provider Never
oVirt gerrit 46204 ovirt-engine-3.5 MERGED aaa: attach_user_to_role: add missing namespace attribute Never
oVirt gerrit 46205 ovirt-engine-3.5 MERGED aaa: attach_user_to_role: rename parameters to match product conventions Never

  None (edit)
Description Alon Bar-Lev 2015-09-13 06:27:38 EDT
CURRENT BEHAVIOUR

# PGPASSWORD=xxx psql -h localhost -U engine -d engine -c 'select domain, external_id from users;'
     domain     |             external_id              
----------------+--------------------------------------
 internal-authz | ae93e5fd-9f3b-4392-8eff-f09ebe12b9f1

#  /usr/share/ovirt-engine/bin/ovirt-engine-role.sh --command=add --user-name=admin --provider=internal-authz1234 --provider-id=ae93e5fd-9f3b-4392-8eff-f09ebe12b9f1 --role=SuperUser

# PGPASSWORD=UJHJLSDjr7MAlIQiaebBSs psql -h localhost -U engine -d engine -c 'select domain, external_id from users;'     domain     |             external_id              
----------------+--------------------------------------
 internal-authz | ae93e5fd-9f3b-4392-8eff-f09ebe12b9f1

EXPECTED BEHAVIOUR

The user from internal-authz1234 should be added, even if the provider-id is the same as other providers, uniqueness is per provider.
Comment 1 Alon Bar-Lev 2015-09-13 07:11:20 EDT
1. provider id should be unique within provider.
2. namespace is missing
3. parameter do not confirm to other product terms.
Comment 2 Red Hat Bugzilla Rules Engine 2015-10-18 04:21:45 EDT
Fixed bug tickets must have version flags set prior to fixing them. Please set the correct version flags and move the bugs back to the previous status after this is corrected.
Comment 3 Eyal Edri 2015-11-01 09:25:17 EST
this bug has both 3.5.z & 3.6.0 flags, in bugzilla lang it means its a clone candidate from 3.6.0 to 3.5.z meaning it's pending a clone and wasn't fixed for 3.5.z.

if this isn't the case, please fix flags accordingly,
if it is the case, then please clone the bugs to 3.5.7 (3.5.6 was built already)
Comment 4 Alon Bar-Lev 2015-11-01 10:02:57 EST
(In reply to Eyal Edri from comment #3)
> this bug has both 3.5.z & 3.6.0 flags, in bugzilla lang it means its a clone
> candidate from 3.6.0 to 3.5.z meaning it's pending a clone and wasn't fixed
> for 3.5.z.
> 
> if this isn't the case, please fix flags accordingly,
> if it is the case, then please clone the bugs to 3.5.7 (3.5.6 was built
> already)

bug#1276939 cloned.
this clone thing is something of downstream should go away.
Comment 5 Red Hat Bugzilla Rules Engine 2015-11-01 10:03:02 EST
This bug is not marked for z-stream, yet the milestone is for a z-stream version, therefore the milestone has been reset.
Please set the correct milestone or add the z-stream flag.
Comment 6 Red Hat Bugzilla Rules Engine 2015-11-01 10:03:02 EST
Fixed bug tickets must have target milestone set prior to fixing them. Please set the correct milestone and move the bugs back to the previous status after this is corrected.
Comment 7 Red Hat Bugzilla Rules Engine 2015-11-01 10:03:02 EST
Target release should be placed once a package build is known to fix a issue. Since this bug is not modified, the target version has been reset. Please use target milestone to plan a fix for a oVirt release.
Comment 8 Ondra Machacek 2015-11-13 03:27:55 EST
Usage: /usr/share/ovirt-engine/bin/ovirt-engine-role.sh [OPTIONS]

    --authz-name=name        Name of authorization provider instace.
    --principal-namespace=ns Namespace within provider.
    --principal-id=id        Unique user id within provider.
Comment 9 Sandro Bonazzola 2015-11-27 02:50:10 EST
Since oVirt 3.6.0 has been released, moving from verified to closed current release.

Note You need to log in before you can comment on or make changes to this bug.