Bug 1663562 - Validation message for unsupported "towhat" field values when creating policies from the API is unclear
Summary: Validation message for unsupported "towhat" field values when creating polici...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat CloudForms Management Engine
Classification: Red Hat
Component: Control
Version: 5.10.0
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: GA
: 5.11.0
Assignee: kwalsh
QA Contact: Parthvi Vala
Red Hat CloudForms Documentation
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2019-01-04 20:54 UTC by kwalsh
Modified: 2019-12-12 13:35 UTC (History)
5 users (show)

Fixed In Version: 5.11.0.1
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-12-12 13:34:59 UTC
Category: ---
Cloudforms Team: CFME Core
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2019:4199 0 None None None 2019-12-12 13:35:14 UTC

Description kwalsh 2019-01-04 20:54:21 UTC 
Description of problem:

In bug 1659899, it was found that providing an invalid "towhat" value in the payload while creating a policy via the API would result in an unclear error message. The received message is the default error message for a failed Rails inclusion validation: "Towhat is not included in the list"

This message can mistakenly be interpreted to mean "towhat" was not included in the payload, when it's actually referring to the inclusion list it's being validated against. We should clarify the messaging to specify the list of valid "towhat" values, following established patterns throughout other models.


How reproducible:
Always, with an invalid "towhat" value.

Steps to Reproduce:
1. Send a create Policies request via the API
Request: POST /api/policies
Query: 
{
  "action": "create",
  "resources": [{
    "name": "test_policy_cNUnZ",
    "conditions_ids": ["3", "4"],
    "towhat": "invalidtowhat",
    "policy_contents": [{
      "event_id": 2,
      "actions": [{
        "opts": {
          "qualifier": "failure"
        },
        "action_id": 1
      }]
    }],
    "mode": "compliance",
    "description": "Test Policy cNUnZ"
    }
  ]
}

Actual results:
Response:
{
  "error": {
    "kind": "bad_request",
    "message": "Could not create the new policy - Validation failed: MiqPolicy: Towhat is not included in the list",
    "klass": "Api::BadRequestError"
  }
}

Expected results:
Response:
{
  "error": {
    "kind": "bad_request",
    "message": "Could not create the new policy - Validation failed: MiqPolicy: Towhat should be one of ContainerGroup, ContainerImage, ContainerNode, ContainerProject, ContainerReplicator, ExtManagementSystem, Host, PhysicalServer, Vm",
    "klass": "Api::BadRequestError"
  }
}



Additional info:
Active Record Inclusion Validations: https://guides.rubyonrails.org/active_record_validations.html#inclusion
Comment 2 kwalsh 2019-01-22 18:52:50 UTC 
Upstream PR: https://github.com/ManageIQ/manageiq/pull/18338
Comment 3 kwalsh 2019-01-22 19:01:46 UTC 
Upstream PR merged. Commit message:

- Explicitly set the inclusion whitelist as part of the error message
when creating a policy with an invalid 'towhat' value to clarify the
expectation, particularly when creating via the API.

- Modify supportive spec which tests the validity of the policy record.
Comment 4 Parthvi Vala 2019-05-02 13:04:43 UTC 
FIXED. Verified on 5.11.0.2.20190430174828_0e34dea,
Comment 6 errata-xmlrpc 2019-12-12 13:34:59 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2019:4199
Note You need to log in before you can comment on or make changes to this bug.