Bug 1420302 - Adding fence agent with type "invalid_type" succeeds
Summary: Adding fence agent with type "invalid_type" succeeds
Alias: None
Product: ovirt-engine
Classification: oVirt
Component: BLL.Infra
Version: 4.1.0
Hardware: Unspecified
OS: Unspecified
Target Milestone: ovirt-4.1.1
Assignee: Martin Perina
QA Contact: Petr Matyáš
Depends On:
TreeView+ depends on / blocked
Reported: 2017-02-08 12:02 UTC by Petr Matyáš
Modified: 2017-04-21 09:45 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Last Closed: 2017-04-21 09:45:44 UTC
oVirt Team: Infra
rule-engine: ovirt-4.1+

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
oVirt gerrit 72180 0 master MERGED core: Validate fence agent type upon creation/update 2017-02-16 12:24:24 UTC
oVirt gerrit 72428 0 ovirt-engine-4.1 MERGED core: Validate fence agent type upon creation/update 2017-02-17 10:08:30 UTC

Description Petr Matyáš 2017-02-08 12:02:29 UTC
Description of problem:
When adding fence agents I'm able to add fence agent with wrong type (e.g. "invalid_type"), the request succeeds, but it's unable to activate it with error Cannot edit Host. Selected Power Management Agent is not supported.
This error should be thrown when adding the agent, checking it upon activation is too late.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. have engine with some host which has PM
2. curl -v -u "$USERNAME@$DOMAIN:$PASSWORD" -H "Content-type: application/xml" --insecure -X POST https://$HOSTNAME/ovirt-engine/api/hosts/$HOSTID/fenceagents -d "<agent><address>$AGENT_ADDRESS</address><concurrent>false</concurrent><order>1</order><password>$AGENT_PASSWORD</password><type>invalid_type</type><username>$AGENT_USERNAME</username></agent>"

Actual results:
request returns 201 and the agent is added

Expected results:
request should return an error and not add the agent

Additional info:

Comment 1 Yaniv Kaul 2017-02-09 07:43:13 UTC
Why is it high severity?!

Comment 2 Juan Hernández 2017-02-09 09:42:56 UTC
The API does not do this kind of validation, it just sends to the backend the 'type' provided by the caller. If this needs to be validated and rejected, then it should be done in the backend.

Comment 3 Petr Matyáš 2017-03-07 09:26:00 UTC
Verified on 4.1.1-4

Note You need to log in before you can comment on or make changes to this bug.