Bug 1393552 - vmreconfigure allows circumvention of quota and approval mechanisms
Summary: vmreconfigure allows circumvention of quota and approval mechanisms
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat CloudForms Management Engine
Classification: Red Hat
Component: Automate
Version: 5.6.0
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: GA
: 5.9.0
Assignee: William Fitzgerald
QA Contact: Vatsal Parekh
URL:
Whiteboard: reconfigure:quota
: 1450180 (view as bug list)
Depends On:
Blocks: 1459261
TreeView+ depends on / blocked
 
Reported: 2016-11-09 20:28 UTC by Jeffrey Cutter
Modified: 2018-03-06 14:57 UTC (History)
10 users (show)

Fixed In Version: 5.9.0.1
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
: 1459261 (view as bug list)
Environment:
Last Closed: 2018-03-06 14:57:45 UTC
Category: ---
Cloudforms Team: ---
Target Upstream Version:


Attachments (Terms of Use)

Description Jeffrey Cutter 2016-11-09 20:28:39 UTC
Description of problem:

vmreconfigure functionality in CloudForms does not include support for quota or approval.  As such, a user with self service access can provision a VM under approval and quota requirements and then resize it beyond quota and approval.

Version-Release number of selected component (if applicable):

5.6.2.2

How reproducible:

Apply quota and approval settings (I'm using group for quota).
Provision over those limits and see it require approval and be denied for quota.
Provision under those limits and see it complete successfully.
Reconfigure the VM to be over those same limits and see it be auto approved and not check quota.

Expected results:

vmreconfigure activities should honor the same quota and approval limits.

Comment 2 Tina Fitzgerald 2017-01-05 21:01:59 UTC
Nick Catling added reconfigure support for quota and will be making a pull request.

https://github.com/supernoodz/CloudForms/blob/master/Quota/System/CommonMethods/QuotaMethods.class/__methods__/requested.rb

Comment 3 William Fitzgerald 2017-02-20 20:43:47 UTC
I updated the spec tests and created a pull request https://github.com/ManageIQ/manageiq-content/pull/56.

I had to make a few minor changes to the request method to get the spec tests to work properly.  I added a few log messages and removed provisioned_storage from the initial prov value since the value is the amount to be increased or decreased.

Nick needs to update his pull request with this updated method.
I emailed Nick the modified request method.

Billy

Comment 4 William Fitzgerald 2017-04-04 13:37:41 UTC
Methods changes in PR: https://github.com/ManageIQ/manageiq-content/pull/71

Comment 5 William Fitzgerald 2017-05-05 14:26:27 UTC
This PR fixes this problem, setting to POST.

https://github.com/ManageIQ/manageiq-content/pull/56  

I merged the changes from https://github.com/ManageIQ/manageiq-content/pull/71 and that PR will be closed.

Billy

Comment 6 William Fitzgerald 2017-05-11 19:44:31 UTC
*** Bug 1450180 has been marked as a duplicate of this bug. ***

Comment 8 Vatsal Parekh 2017-10-23 10:14:11 UTC
Able to verify this on Version 5.9.0.2.20171010190026_0413a06


Note You need to log in before you can comment on or make changes to this bug.