Bug 798509 - Caught "ActiveResource::ServerError in KeysController#destroy " error when deleting the last non-default key which is also the first sshkey.
Caught "ActiveResource::ServerError in KeysController#destroy " error when de...
Product: OpenShift Origin
Classification: Red Hat
Component: Command Line Interface (Show other bugs)
Unspecified Unspecified
high Severity medium
: ---
: ---
Assigned To: Clayton Coleman
libra bugs
: Triaged
Depends On:
  Show dependency treegraph
Reported: 2012-02-29 00:39 EST by Yujie Zhang
Modified: 2015-05-14 21:47 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2012-04-13 14:34:05 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Error message (44.77 KB, image/png)
2012-02-29 00:39 EST, Yujie Zhang
no flags Details
The first and non-default key (25.81 KB, image/png)
2012-02-29 00:41 EST, Yujie Zhang
no flags Details
In old console page. (9.00 KB, image/png)
2012-02-29 00:41 EST, Yujie Zhang
no flags Details

  None (edit)
Description Yujie Zhang 2012-02-29 00:39:59 EST
Created attachment 566462 [details]
Error message

Description of problem:

Caught "ActiveResource::ServerError in KeysController#destroy " error when deleting the last non-default key which is also the first sshkey.

Version-Release number of selected component (if applicable):

How reproducible:always

Steps to Reproduce:
1.Go to Openshift website and login
2.Go to My Account page and add the first sshkey as non-default key
3.Try to delete this sshkey
Actual results:

Caught "ActiveResource::ServerError in KeysController#destroy " error.Details see in attachment.

Expected results:

The ssh key should be deleted successfully.

Additional info:
Comment 1 Yujie Zhang 2012-02-29 00:41:09 EST
Created attachment 566464 [details]
The first and non-default key
Comment 2 Yujie Zhang 2012-02-29 00:41:42 EST
Created attachment 566465 [details]
In old console page.
Comment 3 Clayton Coleman 2012-02-29 01:00:00 EST
This happens when the user

a) creates their domain
b) creates their first key with a different name than "default"
c) attempts to delete their first key.

I believe delete should succeed here (no reason you can't have 0 keys).

broker.response: "#<Net::HTTPInternalServerError 500 Internal Server Error readbody=true>"
broker.response.body: "{\"type\":null,\"data\":null,\"version\":\"1.0\",\"messages\":[{\"field\":null,\"severity\":\"error\",\"text\":\"Failed to delete SSH key blah for user test4 due to:ERROR: Can't remove all ssh keys for user test4\",\"exit_code\":null}],\"status\":\"internal_server_error\"}"
Comment 4 Yujie Zhang 2012-02-29 22:34:46 EST
Verify this bug on devenv-stage_139, it has been fixed now, thanks.
Comment 5 Yujie Zhang 2012-03-01 00:48:13 EST
This issue does not always happen,but it did happen some time,so assign it back,please check it again, the following is log message:

Started POST "/app/account/keys/UUUUUUUUUUUUUU" for at Thu Mar 01 00:42:33 -0500 2012
[Barista] Copying all javascripts
  Processing by KeysController#destroy as HTML
  Parameters: {"id"=>"UUUUUUUUUUUUUU", "authenticity_token"=>"R2fzKNJl+GXmMzQ8/pfWBBGinU2TX8dVWWQSZwb6cPc="}
Checking for logout request
Not a logout request, checking for cookie
rh_sso cookie = '0|hPQxPEgOFt0nOell3QbYP4ls43sCvBXuN0A'
User has an authenticated session
Session ticket matches current ticket
Login required
Completed 500 Internal Server Error in 1416ms

ActiveResource::ServerError (Failed.  Response code = 500.  Response message = Internal Server Error.):
  app/controllers/keys_controller.rb:44:in `destroy'
Comment 6 Yujie Zhang 2012-03-02 01:17:13 EST
I think this issue happens when the default key is created and it's vaule it empty,just as the condition of attahcment of "In old console page",please check it.
Comment 7 Yujie Zhang 2012-03-16 01:31:03 EDT
Still has this issue , please check it.
Comment 8 Ravi Sankar 2012-03-19 17:09:43 EDT
We can allow 0 ssh keys with the domain but cli tools, java client may break during git push, creation of app(cloning repo), etc.
I can think of 2 options:

(1) Allow 0 ssh keys but update cli tools, java client to run rhc-chk or similar cmd which will inform the user about the missing ssh key during git pull/clone etc. failures.

(2) Until cli tools, java client is updated, keep at least 1 ssh key limitation and throw 403 instead of 500 error.

(1) is the right thing to do but I don't know when is the java client gets updated, what else may break without enough testing. For safer side, (2) may be desired.

FYI: To support (1), its a one line change in broker side.
     To enable 403 error in (2), broker can throw different exception to differentiate with genuine 500 errors.
Comment 9 Clayton Coleman 2012-03-19 17:20:51 EDT
We should talk to the client team.  For the CLI tools, they are calling the old API and so should still be creating a new domain with an ssh key.  The Java tools should be doing that as well.  In order to use the new REST API, both have to make a change.  When they make that change they should fix their code to handle both checking and creating the first key.  So I don't think there's a problem with #1, as long as the old API continues to work.
Comment 10 Ravi Sankar 2012-03-21 14:47:31 EDT
Fixed. Now we allow 0 ssh keys for the domain.
Comment 11 Yujie Zhang 2012-03-23 03:48:09 EDT
Verify this bug on devenv_1670, it has been fixed now, thanks.

Note You need to log in before you can comment on or make changes to this bug.