Bug 1335464 - No validation for missing storage domain id when importing a block storage domain through the sdk
Summary: No validation for missing storage domain id when importing a block storage do...
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: ovirt-engine
Classification: oVirt
Component: RestAPI
Version: 3.6.5.1
Hardware: Unspecified
OS: Unspecified
unspecified
high
Target Milestone: ovirt-4.0.0-beta
: 4.0.0
Assignee: Maor
QA Contact: Carlos Mestre González
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-05-12 09:29 UTC by Fabrice Bacchella
Modified: 2017-05-11 09:30 UTC (History)
7 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-08-01 12:25:58 UTC
oVirt Team: Storage
rule-engine: ovirt-4.0.0+
ylavi: planning_ack+
tnisan: devel_ack+
acanan: testing_ack+

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
oVirt gerrit 57514 0 master MERGED restapi: Add validation for storage domain id. 2016-05-18 07:59:05 UTC

Description Fabrice Bacchella 2016-05-12 09:29:28 UTC 
When I try to import an existing domain, using the python sdk, it sends:
> POST /api/storagedomains HTTP/1.1
...
> <storage_domain>
>     <name>vmsys01</name>
>     <type>data</type>
>     <storage>
>         <type>fcp</type>
>         <volume_group id="EusYjl-epq1-ZWvS-cxeO-neL7-4cWe-10uUsc"/>
>     </storage>
>     <host href="/api/hosts/2ef8d472-f083-4c9f-b251-e17d9cd2ad3a" id="2ef8d472-f083-4c9f-b251-e17d9cd2ad3a">
...
>     </host>
>     <import>true</import>
> </storage_domain>

But I get a :
< HTTP/1.1 500 Internal Server Error

In server.log:
==> /var/log/ovirt-engine/server.log <==
2016-05-12 11:24:42,817 ERROR [io.undertow.request] (default task-1) UT005023: Exception handling request to /api/storagedomains: org.jboss.resteasy.spi.UnhandledException: java.lang.NullPointerException: candidate can not be null please use static method createGuidFromString
	at org.jboss.resteasy.core.ExceptionHandler.handleApplicationException(ExceptionHandler.java:76) [resteasy-jaxrs-3.0.10.Final.jar:]
	at org.jboss.resteasy.core.ExceptionHandler.handleException(ExceptionHandler.java:212) [resteasy-jaxrs-3.0.10.Final.jar:]
	at org.jboss.resteasy.core.SynchronousDispatcher.writeException(SynchronousDispatcher.java:149) [resteasy-jaxrs-3.0.10.Final.jar:]
	at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:372) [resteasy-jaxrs-3.0.10.Final.jar:]
	at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:179) [resteasy-jaxrs-3.0.10.Final.jar:]
	at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:220) [resteasy-jaxrs-3.0.10.Final.jar:]
	at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:56) [resteasy-jaxrs-3.0.10.Final.jar:]
	at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:51) [resteasy-jaxrs-3.0.10.Final.jar:]
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) [jboss-servlet-api_3.1_spec-1.0.0.Final.jar:1.0.0.Final]
	at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:86) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:130) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
	at org.ovirt.engine.api.common.invocation.CurrentFilter.doFilter(CurrentFilter.java:66) [interface-common-jaxrs.jar:]
	at org.ovirt.engine.api.common.invocation.CurrentFilter.doFilter(CurrentFilter.java:48) [interface-common-jaxrs.jar:]
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
	at org.ovirt.engine.core.aaa.filters.RestApiSessionMgmtFilter.doFilter(RestApiSessionMgmtFilter.java:81) [aaa.jar:]
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
	at org.ovirt.engine.core.aaa.filters.EnforceAuthFilter.doFilter(EnforceAuthFilter.java:39) [aaa.jar:]
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
	at org.ovirt.engine.core.aaa.filters.LoginFilter.doFilter(LoginFilter.java:75) [aaa.jar:]
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
	at org.ovirt.engine.core.aaa.filters.NegotiationFilter.doFilter(NegotiationFilter.java:113) [aaa.jar:]
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
	at org.ovirt.engine.core.aaa.filters.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:90) [aaa.jar:]
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
	at org.ovirt.engine.core.aaa.filters.SessionValidationFilter.doFilter(SessionValidationFilter.java:77) [aaa.jar:]
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
	at org.ovirt.engine.core.aaa.filters.EngineSessionTokenAuthenticationFilter.doFilter(EngineSessionTokenAuthenticationFilter.java:31) [aaa.jar:]
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
	at org.ovirt.engine.core.aaa.filters.RestApiSessionValidationFilter.doFilter(RestApiSessionValidationFilter.java:35) [aaa.jar:]
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
	at org.ovirt.engine.api.common.security.CSRFProtectionFilter.doFilter(CSRFProtectionFilter.java:111) [interface-common-jaxrs.jar:]
	at org.ovirt.engine.api.common.security.CSRFProtectionFilter.doFilter(CSRFProtectionFilter.java:102) [interface-common-jaxrs.jar:]
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
	at org.ovirt.engine.api.common.security.CORSSupportFilter.doFilter(CORSSupportFilter.java:183) [interface-common-jaxrs.jar:]
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
	at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:85) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
	at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
	at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
	at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
	at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
	at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
	at io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:51) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
	at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
	at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
	at io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:56) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
	at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:58) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
	at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:70) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
	at io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:76) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
	at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
	at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:261) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
	at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:248) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
	at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:77) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
	at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:167) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
	at io.undertow.server.Connectors.executeRootHandler(Connectors.java:199) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
	at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:761) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [rt.jar:1.8.0_92]
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [rt.jar:1.8.0_92]
	at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_92]
Caused by: java.lang.NullPointerException: candidate can not be null please use static method createGuidFromString
	at org.ovirt.engine.core.compat.Guid.<init>(Guid.java:66)
	at org.ovirt.engine.api.restapi.resource.BaseBackendResource.asGuid(BaseBackendResource.java:282) [restapi-jaxrs.jar:]
	at org.ovirt.engine.api.restapi.resource.BackendStorageDomainsResource.addExistingSAN(BackendStorageDomainsResource.java:143) [restapi-jaxrs.jar:]
	at org.ovirt.engine.api.restapi.resource.BackendStorageDomainsResource.add(BackendStorageDomainsResource.java:283) [restapi-jaxrs.jar:]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.8.0_92]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) [rt.jar:1.8.0_92]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.8.0_92]
	at java.lang.reflect.Method.invoke(Method.java:498) [rt.jar:1.8.0_92]
	at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:137) [resteasy-jaxrs-3.0.10.Final.jar:]
	at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:296) [resteasy-jaxrs-3.0.10.Final.jar:]
	at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:250) [resteasy-jaxrs-3.0.10.Final.jar:]
	at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:237) [resteasy-jaxrs-3.0.10.Final.jar:]
	at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:356) [resteasy-jaxrs-3.0.10.Final.jar:]
	... 70 more
Comment 1 Maor 2016-05-15 07:22:26 UTC 
Does the import works through your REST client?

Importing an FCP Storage Domain should be done as follow:

  <storage_domain id="ecf053fc-fe65-4d64-883e-c38ca898951c">
      <name>vmsys01</name>
      <import>true</import>
      <host id="2ef8d472-f083-4c9f-b251-e17d9cd2ad3a" />
      <type>data</type>
      <storage>
          <type>fcp</type>
      </storage>
  </storage_domain>

See http://www.ovirt.org/develop/release-management/features/storage/importstoragedomain/ 
in section REST "Import block Storage Domain" for further detailes
Comment 2 Fabrice Bacchella 2016-05-15 08:30:32 UTC 
But I shouldn't get a 500 and a stack dump if my request is invalid.
Comment 3 Maor 2016-05-15 09:01:22 UTC 
(In reply to Fabrice Bacchella from comment #2)
> But I shouldn't get a 500 and a stack dump if my request is invalid.

agreed, just wanted to troubleshoot the problem
Comment 4 Maor 2016-05-15 15:47:57 UTC 
Fabrice, can u please attach the full engine and server logs.
Also the exact CLI command you execute.
Thanks.
Comment 5 Maor 2016-05-15 15:54:57 UTC 
Juan, could it be an SDK issue?
Seems that the REST work properly, do you need any additional input from the reporter?
Comment 6 Fabrice Bacchella 2016-05-16 10:21:23 UTC 
The python code is at https://github.com/fbacchella/ovirtcmd/blob/master/ovlib/storages/__init__.py#L73

The stack dump that I show is the only thing that get logged when doing the request.
Comment 7 Juan Hernández 2016-05-16 11:16:45 UTC 
It isn't a problem in the SDK, but in the server side. The identifier of the storage domain is mandatory, but we use it without validating it before. In the BackendStorageDomainsResource.addExistingSAN method we do the following:

  StorageDomainStatic storageDomainToImport = getMatchingStorageDomain(asGuid(model.getId()), existingStorageDomains);

That call to "asGuid" generates an NPE if the identifier isn't provided, like in this case. We should do a validation before using it:

  validateParameters(storageDomain, "id");
  resp = addExistingSAN(...);
Comment 8 Maor 2016-05-17 13:15:15 UTC 
Fabrice,
So basically the bug is only a verification for a storage domain id through the REST?
If you add the storage domain id to your request, does it work for you?
Comment 9 Fabrice Bacchella 2016-05-17 13:18:04 UTC 
Yes once the id is added, everything works fine. All that was needed was an helpfull error message.
Comment 10 Maor 2016-05-17 13:47:27 UTC 
ok, this patch should fix that.
Moving the target milestone to 4.0 since it is a verification issue and the import should work properly once the request contains the SD id
Comment 11 Carlos Mestre González 2016-07-12 14:00:41 UTC 
verified: rhevm-4.0.2-0.2.rc1.el7ev.noarch

<fault>
<detail>StorageDomain [id] required for add</detail>
<reason>Incomplete parameters</reason>
</fault>
Note You need to log in before you can comment on or make changes to this bug.