Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1514333

Summary: Adding the role to user mulitple time for same role and user.
Product: OpenShift Container Platform Reporter: Bhavani CR <bhavani.r>
Component: apiserver-authAssignee: Simo Sorce <ssorce>
Status: CLOSED NOTABUG QA Contact: Chuan Yu <chuyu>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 3.6.0CC: aos-bugs
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-12-15 14:46:05 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Bhavani CR 2017-11-17 06:39:39 UTC 
Description of problem:

Adding the role to user mulitple time for same role and user.
for example:- 
oadm policy add-role-to-user view user1
role "view" added: "user1"

oadm policy add-role-to-user view user1
role "view" added: "user1"


Version-Release number of selected component (if applicable):
atomic-openshift-utils-3.6.173.0.48-1.git.0.1609d30.el7.noarch

How reproducible:
Execution of command through CLI

Steps to Reproduce:
1.Login to openshift
2.oadm policy add-role-to-user view user1


Actual results:
It is successfully adding same role to group.

Expected results:
It should verify that the particular role is added to the user.
If the role is added again to same user , it must throw an error.

Additional info:
Comment 1 Simo Sorce 2017-12-15 14:46:05 UTC 
I do not think this is something we want to do.

In general we prefer idempotency, so that if the result of the requested action is obtained we do not error, even if nothing was doen to obtain it.

This make declarative configuration (think Ansible) much easier as the result of operation (errors) depends on whether the desired outcome is achieved, and not how it is achieved.