1284454 – Creating rates via REST API - should verify arguments

Bug 1284454 - Creating rates via REST API - should verify arguments

Summary: Creating rates via REST API - should verify arguments

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat CloudForms Management Engine
Classification:	Red Hat
Component:	API
Sub Component:
Version:	5.5.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	medium
Severity:	medium
Target Milestone:	GA
Target Release:	5.6.0
Assignee:	Marcel Hild
QA Contact:	Taras Lehinevych
Docs Contact:
URL:
Whiteboard:	rest:chargeback
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2015-11-23 11:47 UTC by Taras Lehinevych
Modified:	2016-08-03 01:32 UTC (History)
CC List:	5 users (show)
Fixed In Version:	5.6.0.0
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2016-06-29 15:10:51 UTC
Category:	---
Cloudforms Team:	---
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2016:1348	0	normal	SHIPPED_LIVE	CFME 5.6.0 bug fixes and enhancement update	2016-06-29 18:50:04 UTC

Description Taras Lehinevych 2015-11-23 11:47:30 UTC

Description of problem:
You are able to add rate with any arguments via REST API what could cause the unexpected error in UI.

Version-Release number of selected component (if applicable):
5.5.0.11

How reproducible:
100%

Steps to Reproduce:
1. Add rate via REST API with arguments
   {
    'description': 'test_rate',
    'rate': 1,
    'chargeback_rate_id':2 
   }
   chargeback_rate_id corresponds to the id of Storage Default chargeback rates 
2. Go to Cloud Intelligence -> Chargebacks -> Rates -> Storage
3. Click on Default chargeback rates

Actual results:
The rate is added successfully and after step 3 you will get page with "Unexpected error encountered"

Expected results:
Error message about incorrect arguments should be returned when you try to add rate, the result of step 3 shouldn't be page with error message 

Additional info:
Also you are able to add the rate with chargeback_rate_id argument which doesn't exist or not specify it at all.

The issue could be reproduced by using the cfme_tests tools. The code is below.

from utils.api import API
api = API ('https://ip_address/api/', auth=('login','password'))
data = {
        'description': 'test_rate_',
        'rate': 1, 
        'chargeback_rate_id':12 }

api.collections.rates.action.create(data)

Comment 2 Marcel Hild 2016-01-15 14:20:09 UTC

https://github.com/ManageIQ/manageiq/pull/6100

Comment 3 Taras Lehinevych 2016-04-20 11:44:58 UTC

Hi there, 

The verification of the fields (group and source) presence works correctly. 
However, I'm able to add the rate to not existed chargeback (I'm not getting any error message, adding was successful) and if you query the rates collection, just added rate won't be present there.

I believe we should verify the chargeback_rate_id field.

Thanks, 
-Taras

Comment 4 Marcel Hild 2016-04-20 12:37:32 UTC

@taras, good catch.
My guess is, that you should open another BZ for this, so it can be prioritized again.
If you feel, this is still part of this issue, it should be assigned to gtanzill, so he can assign it to one of his team.

Comment 5 Taras Lehinevych 2016-04-20 16:12:28 UTC

Thanks. I'll create a separate BZ.

Verified in 5.6.0.1-beta2

Comment 7 errata-xmlrpc 2016-06-29 15:10:51 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2016:1348

Note You need to log in before you can comment on or make changes to this bug.