Red Hat Satellite engineering is moving the tracking of its product development work on Satellite to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "Satellite project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs will be migrated starting at the end of May. If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "Satellite project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/SAT-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1777730 - hammer settings content_default_http_proxy does not have validation for provided values
Summary: hammer settings content_default_http_proxy does not have validation for prov...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Satellite
Classification: Red Hat
Component: API - Content
Version: 6.7.0
Hardware: Unspecified
OS: Unspecified
unspecified
medium
Target Milestone: 6.7.0
Assignee: Oleh Fedorenko
QA Contact: vijsingh
URL:
Whiteboard:
Depends On:
Blocks: 1774324
TreeView+ depends on / blocked
 
Reported: 2019-11-28 08:09 UTC by vijsingh
Modified: 2020-04-14 13:27 UTC (History)
8 users (show)

Fixed In Version: tfm-rubygem-katello-3.14.0.1-1
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2020-04-14 13:27:30 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Foreman Issue Tracker 28386 0 Normal Closed hammer settings content_default_http_proxy does not have validation for provided values 2021-01-22 05:57:52 UTC
Red Hat Product Errata RHSA-2020:1454 0 None None None 2020-04-14 13:27:40 UTC

Description vijsingh 2019-11-28 08:09:39 UTC
Description of problem:

hammer setting content_default_http_proxy  does not have validation for provided values

Version-Release number of selected component (if applicable):

@Satellite 6.7.0 snap 3,0

How reproducible:

Always

Steps to Reproduce:
1. Set settings as below:
 
[root@hp-dl180-04 ~]# hammer settings set --name content_default_http_proxy --value xyz
Setting [content_default_http_proxy] updated to [xyz].

[root@hp-dl180-04 ~]# hammer settings list |grep -i content_default_http_proxy
content_default_http_proxy                             | Default http proxy                                          | xyz                                                                              | Default HTTP Proxy for syncing content                                          
[root@hp-dl180-04 ~]# 

2. No check on UI for same setting , the value filed shows empty.

 Administer => Settings => Content => 'Default HTTP Proxy'

Actual results:

 Any value could pass with '--value'

Expected results:

 It should only set the setting if provided value is correct (i.e. already created proxy name)

Additional info:

Comment 3 vijsingh 2019-11-28 08:12:21 UTC
s/no/now

2. Now check on UI for same setting , the value filed shows empty.

 Administer => Settings => Content => 'Default HTTP Proxy'

Comment 4 Oleh Fedorenko 2019-11-29 15:37:59 UTC
I'd say that the problem is not on the hammer side. There is no validation on the server side if I use API call that is hidden under hammer command directly as well. I'd suggest to add a specific validation for content_default_http_proxy setting.

Comment 5 Oleh Fedorenko 2019-11-29 15:43:58 UTC
Created redmine issue https://projects.theforeman.org/issues/28386 from this bug

Comment 6 Bryan Kearney 2019-12-05 21:05:16 UTC
Moving this bug to POST for triage into Satellite 6 since the upstream issue https://projects.theforeman.org/issues/28386 has been resolved.

Comment 8 vijsingh 2019-12-23 06:49:04 UTC
ON_QA Verified

@Satellite 6.7.0 snap 7.0

Steps/Observation:
 - Unable to update invalid value
 - Able to pass '' for no_proxy
 - Able to update only specific/valid proxy

___________________________________________________________________________________________________________________
[root@qe-sat6-bm1 ~]# hammer settings set --name content_default_http_proxy --value xyz
Could not update the setting:
  There is no such HTTP Proxy

[root@qe-sat6-bm1 ~]# hammer settings set --name content_default_http_proxy --value ''
Setting [content_default_http_proxy] updated to [].
[root@qe-sat6-bm1 ~]# hammer settings list |grep -i content_default_http_proxy
content_default_http_proxy                             | Default http proxy                                          |                                                                                  | Default HTTP Proxy for syncing content                                          

[root@qe-sat6-bm1 ~]# hammer settings set --name content_default_http_proxy --value Proxy1
Setting [content_default_http_proxy] updated to [Proxy1].
[root@qe-sat6-bm1 ~]# hammer settings list |grep -i content_default_http_proxy
content_default_http_proxy                             | Default http proxy                                          | Proxy1                                                                           | Default HTTP Proxy for syncing content                                          
[root@qe-sat6-bm1 ~]# 
___________________________________________________________________________________________________________________

Comment 11 errata-xmlrpc 2020-04-14 13:27:30 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2020:1454


Note You need to log in before you can comment on or make changes to this bug.