Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1544350

Summary: Add possibility to manage errata severity via API/WebUI
Product: Red Hat Satellite 5 Reporter: Jiří Dostál <jdostal>
Component: WebUIAssignee: Jiří Dostál <jdostal>
Status: CLOSED ERRATA QA Contact: Lukáš Hellebrandt <lhellebr>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 580CC: jdostal, jhutar, lhellebr, tkasparek, tlestach
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: spacewalk-java-2.5.14-118-sat Doc Type: Release Note
Doc Text:
If this bug requires documentation, please select an appropriate Doc Type value.
Story Points: ---
Clone Of: Environment:
Last Closed: 2018-05-15 21:46:38 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Jiří Dostál 2018-02-12 09:02:07 UTC
Description of problem:
It's not possible to add, edit or remove severity form security erratas. 

Version-Release number of selected component (if applicable):
5.8

How reproducible:
100%

Steps to Reproduce:
1. Go to rhn/errata/manage/Create.do or rhn/errata/manage/Edit.do
2. Try to assign/edit severity for security erratum
3. Try the same with API

Actual results:
There's no possibility to do that

Expected results:
API and WebUI tools to do that

Additional info:

Comment 1 Jiří Dostál 2018-02-12 09:03:08 UTC
spacewalk 
bd952027f3d31277a03f5a64d5bdca646a6dd2b2
2225041a806e327b3b5ef9c3ca947a0e939916a6

Comment 5 Jiří Dostál 2018-03-23 07:47:45 UTC
spacewalk 0897074efb1c11ca19e39334821bf2110353dea2

Comment 7 Lukáš Hellebrandt 2018-04-03 14:58:09 UTC
Failed with spacewalk-java-2.5.14-115. API Help does not contain the new argument "severity_id".

Comment 8 Jiří Dostál 2018-04-03 15:52:53 UTC
spacewalk aa461692f0875522deaa06b909e0d1f15cc4b34f

Comment 10 Lukáš Hellebrandt 2018-04-04 11:13:33 UTC
Jiri, using ID to specify Severity in API is inconsistent with other parameters, for example Advisory Type is specified by a string. Furthermore, it's hard, from user point of view, to determine which ID means which severity.

I am willing to mark this verified if you want me to but I don't like this and want you to consider making this more consistent with current state.

In Python, it looks like this:
args = {'synopsis': 'synopsis',
          'advisory_name': "test42",
          'advisory_release': 1,
          'advisory_type': "Security Advisory",   <====
          'product': 'product',
          'topic': 'topic',
          'description': 'description',
          'references': 'references',
          'notes': 'notes',
          'solution': 'solution',
          'severity_id': 2}                       <====

Comment 11 Jiří Dostál 2018-04-05 12:12:18 UTC
Correct, it would be more straightforward the way you describe. It order to change this behavior, following changes would need to be done - change 'severity_id' to 'severity' and as values accept *translated* strings - Low, Moderate, Important, Critical, Unspecified.

Comment 12 Jiří Dostál 2018-04-05 12:13:29 UTC
spacewalk dac30bbb93b47a69d3c1c810e4117af1fc5c88c9

Comment 14 Lukáš Hellebrandt 2018-04-06 12:47:16 UTC
Looking at the API help for errata.create, I see:

string "advisory_type" - Type of advisory (one of the following: 'Security Advisory', 'Product Enhancement Advisory', or 'Bug Fix Advisory' 

Don't you want to put something similar to Severity?

Comment 15 Lukáš Hellebrandt 2018-04-06 13:13:21 UTC
Also, "severity" now needs to be set manually when using API. Even if I don't want to specify severity, I need to specify "Unspecified". That breaks backwards compatibility and is IMO not logical. Failing this again :(

Comment 16 Jiří Dostál 2018-04-09 12:32:43 UTC
Above requests are fulfilled by 
fcab1080cc4bcc2b5411ae06ef9ee8220b285ee3
6d8a603cfd89fa9f9edff29ae1442bc26fe10980

Comment 18 Lukáš Hellebrandt 2018-04-10 10:08:38 UTC
Verified with spacewalk-java-2.5.14-118.

WebUI: CRUD works, severity is not selectable with type!=Security, severity is set to unspecified on setting type!=Security.

API: Same as WebUI + severity is NOT mandatory.

Curl: Forging a request with type!=Security and severity!=Unspecified still leaves severity to Unspecified.

Comment 21 errata-xmlrpc 2018-05-15 21:46:38 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2018:1565