1777730 – hammer settings content_default_http_proxy does not have validation for provided values

Bug 1777730 - hammer settings content_default_http_proxy does not have validation for provided values

Summary: hammer settings content_default_http_proxy does not have validation for prov...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Satellite
Classification:	Red Hat
Component:	API - Content
Sub Component:
Version:	6.7.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	medium
Target Milestone:	6.7.0
Assignee:	Oleh Fedorenko
QA Contact:	vijsingh
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	1774324
TreeView+	depends on / blocked

Reported:	2019-11-28 08:09 UTC by vijsingh
Modified:	2020-04-14 13:27 UTC (History)
CC List:	8 users (show)
Fixed In Version:	tfm-rubygem-katello-3.14.0.1-1
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2020-04-14 13:27:30 UTC
Target Upstream Version:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Foreman Issue Tracker	28386	0	Normal	Closed	hammer settings content_default_http_proxy does not have validation for provided values	2021-01-22 05:57:52 UTC
Red Hat Product Errata	RHSA-2020:1454	0	None	None	None	2020-04-14 13:27:40 UTC

Description vijsingh 2019-11-28 08:09:39 UTC

Description of problem:

hammer setting content_default_http_proxy  does not have validation for provided values

Version-Release number of selected component (if applicable):

@Satellite 6.7.0 snap 3,0

How reproducible:

Always

Steps to Reproduce:
1. Set settings as below:
 
[root@hp-dl180-04 ~]# hammer settings set --name content_default_http_proxy --value xyz
Setting [content_default_http_proxy] updated to [xyz].

[root@hp-dl180-04 ~]# hammer settings list |grep -i content_default_http_proxy
content_default_http_proxy                             | Default http proxy                                          | xyz                                                                              | Default HTTP Proxy for syncing content                                          
[root@hp-dl180-04 ~]# 

2. No check on UI for same setting , the value filed shows empty.

 Administer => Settings => Content => 'Default HTTP Proxy'

Actual results:

 Any value could pass with '--value'

Expected results:

 It should only set the setting if provided value is correct (i.e. already created proxy name)

Additional info:

Comment 3 vijsingh 2019-11-28 08:12:21 UTC

s/no/now

2. Now check on UI for same setting , the value filed shows empty.

 Administer => Settings => Content => 'Default HTTP Proxy'

Comment 4 Oleh Fedorenko 2019-11-29 15:37:59 UTC

I'd say that the problem is not on the hammer side. There is no validation on the server side if I use API call that is hidden under hammer command directly as well. I'd suggest to add a specific validation for content_default_http_proxy setting.

Comment 5 Oleh Fedorenko 2019-11-29 15:43:58 UTC

Created redmine issue https://projects.theforeman.org/issues/28386 from this bug

Comment 6 Bryan Kearney 2019-12-05 21:05:16 UTC

Moving this bug to POST for triage into Satellite 6 since the upstream issue https://projects.theforeman.org/issues/28386 has been resolved.

Comment 8 vijsingh 2019-12-23 06:49:04 UTC

ON_QA Verified

@Satellite 6.7.0 snap 7.0

Steps/Observation:
 - Unable to update invalid value
 - Able to pass '' for no_proxy
 - Able to update only specific/valid proxy

___________________________________________________________________________________________________________________
[root@qe-sat6-bm1 ~]# hammer settings set --name content_default_http_proxy --value xyz
Could not update the setting:
  There is no such HTTP Proxy

[root@qe-sat6-bm1 ~]# hammer settings set --name content_default_http_proxy --value ''
Setting [content_default_http_proxy] updated to [].
[root@qe-sat6-bm1 ~]# hammer settings list |grep -i content_default_http_proxy
content_default_http_proxy                             | Default http proxy                                          |                                                                                  | Default HTTP Proxy for syncing content                                          

[root@qe-sat6-bm1 ~]# hammer settings set --name content_default_http_proxy --value Proxy1
Setting [content_default_http_proxy] updated to [Proxy1].
[root@qe-sat6-bm1 ~]# hammer settings list |grep -i content_default_http_proxy
content_default_http_proxy                             | Default http proxy                                          | Proxy1                                                                           | Default HTTP Proxy for syncing content                                          
[root@qe-sat6-bm1 ~]# 
___________________________________________________________________________________________________________________

Comment 11 errata-xmlrpc 2020-04-14 13:27:30 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2020:1454

Note You need to log in before you can comment on or make changes to this bug.