Bug 837497 - User should not create domain or apps with names on blacklist
Summary: User should not create domain or apps with names on blacklist
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: OKD
Classification: Red Hat
Component: Pod
Version: 2.x
Hardware: Unspecified
OS: Unspecified
high
medium
Target Milestone: ---
: ---
Assignee: Abhishek Gupta
QA Contact: libra bugs
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2012-07-04 06:22 UTC by Jianwei Hou
Modified: 2015-05-15 01:59 UTC (History)
4 users (show)

Fixed In Version: devenv_1876
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2012-07-13 23:44:02 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)

Description Jianwei Hou 2012-07-04 06:22:35 UTC
Description of problem:
a user is able to create application or domain when specifying an app name or domain name on blacklist

Version-Release number of selected component (if applicable):
on devenv_1874
CLI rhc-0.95.7

How reproducible:
always

Steps to Reproduce:
1.create an app with appname on blaklist
  rhc app create -a overlord
2.create or alter domain with name on blacklist
  rhc domain alter -n aop
3.rhc domain show

  
Actual results:
app creation successfuul
domain creation successful

we can see the result from below,both app name and domain name are
on blacklist

hjw@my jbosseap1$ rhc domain show
Password: ******


User Info
=========
Namespace: aop
  RHLogin: jhou


Application Info
================
jbosseap1
    Framework: jbosseap-6.0
     Creation: 2012-07-04T02:00:05-04:00
         UUID: 2ea7598f40884abfa4fbaef3dc12448b
      Git URL: ssh://2ea7598f40884abfa4fbaef3dc12448b.rhcloud.com/~/git/jbosseap1.git/
   Public URL: http://jbosseap1-aop.dev.rhcloud.com/

 Embedded: 
      jenkins-client-1.4 - Job URL: https://jks1-aop.dev.rhcloud.com/job/jbosseap1-build/

overlord
    Framework: php-5.3
     Creation: 2012-07-04T02:10:36-04:00
         UUID: 5139d4bed5c74851bcd383875ff00921
      Git URL: ssh://5139d4bed5c74851bcd383875ff00921.rhcloud.com/~/git/overlord.git/
   Public URL: http://overlord-aop.dev.rhcloud.com/

 Embedded: 
      None

jks1
    Framework: jenkins-1.4
     Creation: 2012-07-04T01:57:27-04:00
         UUID: 4f7215725fb748e2ab5d97452d4b2ffb
      Git URL: ssh://4f7215725fb748e2ab5d97452d4b2ffb.rhcloud.com/~/git/jks1.git/
   Public URL: http://jks1-aop.dev.rhcloud.com/

 Embedded: 
      None

jbosseap1bldr
    Framework: jbosseap-6.0
     Creation: 2012-07-04T02:01:54-04:00
         UUID: faf0698f766c41da9fc2455a1931dce9
      Git URL: ssh://faf0698f766c41da9fc2455a1931dce9.rhcloud.com/~/git/jbosseap1bldr.git/
   Public URL: http://jbosseap1bldr-aop.dev.rhcloud.com/

 Embedded: 
      None

amentra
    Framework: perl-5.10
     Creation: 2012-07-04T02:20:06-04:00
         UUID: 1eacb05f5c234b2e8a1fc4ccf23a328d
      Git URL: ssh://1eacb05f5c234b2e8a1fc4ccf23a328d.rhcloud.com/~/git/amentra.git/
   Public URL: http://amentra-aop.dev.rhcloud.com/

 Embedded: 
      None

Expected results:
creation should fail due to app name or domain name is on blacklist

Additional info:

Comment 1 Clayton Coleman 2012-07-05 14:19:57 UTC
This is API controlled.

Comment 2 Peter Ruan 2012-07-05 17:57:53 UTC
Anybody know the contents of the blacklist?

Comment 3 Jhon Honce 2012-07-05 18:01:29 UTC
see server-common/openshift/blacklist.rb in the li repo

Comment 4 Abhishek Gupta 2012-07-05 22:16:42 UTC
This was a regression bug introduced by the opensourcing of mcollective.

Comment 5 Jianwei Hou 2012-07-06 01:30:11 UTC
verified on devenv_1876, CLI: rhc-0.95.8
creating app or domain with names on blacklist would return failure.

1.rhc domain create -n aop

OpenShift key found at /home/hjw/.ssh/id_rsa.  Reusing...
Problem reported from server. Response code was 400.
Re-run with -d for more information.

RESULT:
The supplied namespace 'aop' is not allowed

2.rhc app create -a overlord -t php-5.3

Password: ******

Creating application: overlord in 1876test
Problem reported from server. Response code was 400.
Re-run with -d for more information.

RESULT:
The supplied application name 'overlord' is not allowed


Note You need to log in before you can comment on or make changes to this bug.