Description of problem: Create any scope (admin, edit or view) for application in wsunmem3fork3 via RESTAPI,then try to show application info with this token,but it failed.It always shows "The requested application was not found". Version-Release number of selected component (if applicable): fork_ami_membership_origin_ui_73_765 How reproducible: Always Steps to Reproduce: 1.Create an application in wsunmem3fork3 2.Show the app info via CLI 3.Create scope for above application in wsunmem3fork3 via RESTAPI 4.Show the authorization 5.Show the app info with token via RESTAPI Actual results: 2.[wsun@dhcp-8-229 zdm]$ rhc app-show phpt -l wsun+mem3 -p changme phpt @ http://phpt-wsunmem3fork3.dev.rhcloud.com/ (uuid: 774685425587573875539968) ---------------------------------------------------------------------------------- Domain: wsunmem3fork3 Created: 4:54 PM Gears: 1 (defaults to small) Git URL: ssh://774685425587573875539968.rhcloud.com/~/git/phpt.git/ SSH: 774685425587573875539968.rhcloud.com php-5.3 (PHP 5.3) ----------------- Gears: 1 small 3.[wsun@dhcp-8-229 ~]$ curl -k -s -H "Accept: application/xml" --user wsun+mem3:changeme https://ec2-54-234-52-228.compute-1.amazonaws.com/broker/rest/user/authorizations -d scope=application/774685425587573875539968/admin -d note=appadmin -X POST <?xml version="1.0" encoding="UTF-8"?> <response> <status>created</status> <type>authorization</type> <data> <authorization> <token>1829536fd86570cdef74f682eb3ccb0b9ec9c6436637bbf047e971c0dc6768a7</token> <created-at>2013-08-14T09:43:50Z</created-at> <expires-in>2592000</expires-in> <expires-in-seconds>2592000</expires-in-seconds> <note>appadmin</note> <id>520b5156a64e5d8fb200006b</id> <scopes>application/774685425587573875539968/admin</scopes> <identity>wsun+mem3</identity> <messages> <message> <severity>info</severity> <text>Create authorization</text> <exit-code>0</exit-code> <field nil="true"></field> </message> </messages> </response> 4.[wsun@dhcp-8-229 zdm]$ rhc authorization -l wsun+mem3 -p x appadmin -------- Token: 1829536fd86570cdef74f682eb3ccb0b9ec9c6436637bbf047e971c0dc6768a7 Scopes: application/774685425587573875539968/admin Created: 5:43 PM Expires In: 30 days 5.[wsun@dhcp-8-229 ~]$ curl -k -s -H "Accept: application/xml" -H "Authorization: Bearer 1829536fd86570cdef74f682eb3ccb0b9ec9c6436637bbf047e971c0dc6768a7 " https://ec2-54-234-52-228.compute-1.amazonaws.com/broker/rest/applications/774685425587573875539968 <?xml version="1.0" encoding="UTF-8"?> <response> <status>not_found</status> <type nil="true"></type> <data> <datum nil="true"></datum> </data> <messages> <message> <severity>error</severity> <text>The requested application was not found.</text> <exit-code>101</exit-code> <field nil="true"></field> </message> </messages> </response> Expected results: The scope of application could work well Additional info:
Test on devenv_3660,create any scope (admin, edit , view,scale,build) for application,try to do the following allowed options to application with scope,but all failed.It returns "The requested application was not found". 1.Try to view application with view scope 2.Try to view/control application and control cartridge with edit scope 3.Try to view/control/create application control cartridge with admin scope 4.Try to scale up/down application with scale scope 5.Try to build application with build scope
app uuid (returned by broker) doesn't match the access control calls and interreferences. Investigating a better way of doing UUID.
This will be fixed by https://github.com/openshift/li/pull/1836 at the beginning of next sprint. This doesn't block sprint exit because application tokens are non functional.
Fixed by pull.
Verified on devenv_3758 After creating the scope (admin, edit , view,scale) for application,could do the following options: 1.Try to view application with view scope 2.Try to view/control application and control cartridge with edit scope 3.Try to view/control/delete application control cartridge with admin scope 4.Try to scale up/down application with scale scope