Description of problem: It's not possible to add, edit or remove severity form security erratas. Version-Release number of selected component (if applicable): 5.8 How reproducible: 100% Steps to Reproduce: 1. Go to rhn/errata/manage/Create.do or rhn/errata/manage/Edit.do 2. Try to assign/edit severity for security erratum 3. Try the same with API Actual results: There's no possibility to do that Expected results: API and WebUI tools to do that Additional info:
spacewalk bd952027f3d31277a03f5a64d5bdca646a6dd2b2 2225041a806e327b3b5ef9c3ca947a0e939916a6
spacewalk 0897074efb1c11ca19e39334821bf2110353dea2
Failed with spacewalk-java-2.5.14-115. API Help does not contain the new argument "severity_id".
spacewalk aa461692f0875522deaa06b909e0d1f15cc4b34f
Jiri, using ID to specify Severity in API is inconsistent with other parameters, for example Advisory Type is specified by a string. Furthermore, it's hard, from user point of view, to determine which ID means which severity. I am willing to mark this verified if you want me to but I don't like this and want you to consider making this more consistent with current state. In Python, it looks like this: args = {'synopsis': 'synopsis', 'advisory_name': "test42", 'advisory_release': 1, 'advisory_type': "Security Advisory", <==== 'product': 'product', 'topic': 'topic', 'description': 'description', 'references': 'references', 'notes': 'notes', 'solution': 'solution', 'severity_id': 2} <====
Correct, it would be more straightforward the way you describe. It order to change this behavior, following changes would need to be done - change 'severity_id' to 'severity' and as values accept *translated* strings - Low, Moderate, Important, Critical, Unspecified.
spacewalk dac30bbb93b47a69d3c1c810e4117af1fc5c88c9
Looking at the API help for errata.create, I see: string "advisory_type" - Type of advisory (one of the following: 'Security Advisory', 'Product Enhancement Advisory', or 'Bug Fix Advisory' Don't you want to put something similar to Severity?
Also, "severity" now needs to be set manually when using API. Even if I don't want to specify severity, I need to specify "Unspecified". That breaks backwards compatibility and is IMO not logical. Failing this again :(
Above requests are fulfilled by fcab1080cc4bcc2b5411ae06ef9ee8220b285ee3 6d8a603cfd89fa9f9edff29ae1442bc26fe10980
Verified with spacewalk-java-2.5.14-118. WebUI: CRUD works, severity is not selectable with type!=Security, severity is set to unspecified on setting type!=Security. API: Same as WebUI + severity is NOT mandatory. Curl: Forging a request with type!=Security and severity!=Unspecified still leaves severity to Unspecified.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHEA-2018:1565