Bug 903705 - There is no "project" parameter validation during network creation
There is no "project" parameter validation during network creation
Status: CLOSED NOTABUG
Product: Red Hat OpenStack
Classification: Red Hat
Component: openstack-nova (Show other bugs)
2.0 (Folsom)
Unspecified Unspecified
unspecified Severity medium
: ---
: ---
Assigned To: RHOS Maint
Yaniv Kaul
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2013-01-24 10:50 EST by Rami Vaknin
Modified: 2014-01-12 18:54 EST (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-02-12 12:03:39 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Rami Vaknin 2013-01-24 10:50:00 EST
Description of problem:
It's possible to create a network with a wrong/non-exist project_id

Version-Release number of selected component (if applicable):
Folsom on RHEL6.4, FlatDHCPManager

Steps to Reproduce:
1. Create a network with non-exist project id

  $ nova-manage network create --label=net08_36 --fixed_range_v4=192.168.8.0/24 --bridge=br100 --project_id=a75203 --num_networks=1

Actual results:
Network creation passes successfully.

$ mysql -u root nova -e "select id,cidr,netmask,bridge,gateway,broadcast,dhcp_start,label,project_id,bridge_interface from networks where label like 'net08_36';"
+----+----------------+---------------+--------+-------------+---------------+-------------+----------+------------+------------------+
| id | cidr           | netmask       | bridge | gateway     | broadcast     | dhcp_start  | label    | project_id | bridge_interface |
+----+----------------+---------------+--------+-------------+---------------+-------------+----------+------------+------------------+
| 10 | 192.168.8.0/24 | 255.255.255.0 | br100  | 192.168.8.1 | 192.168.8.255 | 192.168.8.2 | net08_36 | a75203     | eth2             |
+----+----------------+---------------+--------+-------------+---------------+-------------+----------+------------+------------------+
$ keystone tenant-list
+----------------------------------+----------+---------+
|                id                |   name   | enabled |
+----------------------------------+----------+---------+
| 4d59ca3ff6114b219dead3cf818318a5 |   rami   |   True  |
| 5e5ffdaf50a94a028ab6b76aacf26f3f | services |   True  |
| a75203c3c0234ea0b3c16565e52af01e |  vaknin  |   True  |
| cc85e25edce4476bbe1aa29cdb16b2ba |  admin   |   True  |
+----------------------------------+----------+---------+


Expected results:
Operation should fail with a proper error message/exception.
Comment 2 Russell Bryant 2013-02-12 12:03:39 EST
nova-manage is a very low level admin tool.  It does very little validation and instead just assumes valid input from the admin in many cases.  So, I don't think this is something we need to fix.

Note You need to log in before you can comment on or make changes to this bug.