Description of problem: Try to create any domain scope (view,admin,edit),but it failed.It returns "One or more of the scopes you provided are not allowed. Valid scopes are session, read, userinfo, application/:id/view, application/:id/edit, and application/:id/admin." Version-Release number of selected component (if applicable): devenv_3660 How reproducible: Always Steps to Reproduce: 1.Create a domain 2.Create any domain scope (view,admin,edit) 3. Actual results: [wsun@dhcp-8-229 ~]$ curl -k -H 'Accept: application/xml' -u wsun+mem4:change https://ec2-50-17-19-192.compute-1.amazonaws.com/broker/rest/user/authorizations -d scope=domain/520dcf316b80e2db22000004/admin -d note=domainadmin -X POST <?xml version="1.0" encoding="UTF-8"?> <response> <status>unprocessable_entity</status> <type nil="true"></type> <data> <datum nil="true"></datum> </data> <messages> <message> <severity>error</severity> <text>One or more of the scopes you provided are not allowed. Valid scopes are session, read, userinfo, application/:id/view, application/:id/edit, and application/:id/admin.</text> <exit-code>194</exit-code> <field>scopes</field> </message> </messages> Expected results: Could create domain scopes successfully Additional info:
This is a config problem.
Fixed in https://github.com/openshift/origin-server/pull/3387 and https://github.com/openshift/li/pull/1824
Commit pushed to master at https://github.com/openshift/origin-server https://github.com/openshift/origin-server/commit/9d86272aa4ad8491fd02575a957fceb1afb1e46e Bug 997831 - Domain scope not in Rails config
Commit pushed to master at https://github.com/openshift/li https://github.com/openshift/li/commit/aa7f046bef49f93298c1be010140bea3c2353fe2 Bug 997831 - Domain scope not in config
Verified on devenv_3672 Result: 1.[wsun@dhcp-8-229 ~]$ curl -k -H 'Accept: application/xml' -u wsun:changeme https://ec2-184-73-128-146.compute-1.amazonaws.com/broker/rest/user/authorizations -d scope=domain/52118d93ce7bf54c9b000006/admin -d note=domainadmin -X POST <?xml version="1.0" encoding="UTF-8"?> <response> <status>created</status> <type>authorization</type> <data> <authorization> <token>1aea8cc1f1682ae3f518c4cae8e9b18550927807ece02b7d2d1f57f393274ea8</token> <created-at>2013-08-19T03:47:41Z</created-at> <expires-in>2592000</expires-in> <expires-in-seconds>2592000</expires-in-seconds> <note>domainadmin</note> <id>5211955dce7bf536fb000057</id> <scopes>domain/52118d93ce7bf54c9b000006/admin</scopes> <identity>wsun</identity> <links> <link> <rel>Get authorization</rel> <method>GET</method> <href>https://ec2-184-73-128-146.compute-1.amazonaws.com/broker/rest/user/authorizations/5211955dce7bf536fb000057</href> <required-params/> <optional-params/> </link> <link> <rel>Update authorization</rel> <method>PUT</method> <href>https://ec2-184-73-128-146.compute-1.amazonaws.com/broker/rest/user/authorizations/5211955dce7bf536fb000057</href> <required-params> <param> <name>note</name> <type>string</type> <description>A note to remind you what this token is for.</description> <valid-options/> <invalid-options/> </param> </required-params> <optional-params/> </link> <link> <rel>Delete authorization</rel> <method>DELETE</method> <href>https://ec2-184-73-128-146.compute-1.amazonaws.com/broker/rest/user/authorizations/5211955dce7bf536fb000057</href> <required-params/> <optional-params/> </link> </links> </authorization> </data> <messages> <message> <severity>info</severity> <text>Create authorization</text> <exit-code>0</exit-code> <field nil="true"></field> </message> </messages> <version>1.6</version> <api-version>1.6</api-version> <supported-api-versions> <supported-api-version>1.0</supported-api-version> <supported-api-version>1.1</supported-api-version> <supported-api-version>1.2</supported-api-version> <supported-api-version>1.3</supported-api-version> <supported-api-version>1.4</supported-api-version> <supported-api-version>1.5</supported-api-version> <supported-api-version>1.6</supported-api-version> </supported-api-versions> </response> 2.[wsun@dhcp-8-229 ~]$ curl -k -H 'Accept: application/xml' -u wsun:changeme https://ec2-184-73-128-146.compute-1.amazonaws.com/broker/rest/user/authorizations -d scope=domain/52118d93ce7bf54c9b000006/view -d note=domainview -X POST <?xml version="1.0" encoding="UTF-8"?> <response> <status>created</status> <type>authorization</type> <data> <authorization> <token>b689fb98901799c88bcc208fe3ebc8881a260b1da0db2d992ab3995b9d17ada8</token> <created-at>2013-08-19T03:48:01Z</created-at> <expires-in>2592000</expires-in> <expires-in-seconds>2592000</expires-in-seconds> <note>domainview</note> <id>52119571ce7bf536fb000058</id> <scopes>domain/52118d93ce7bf54c9b000006/view</scopes> <identity>wsun</identity> <links> <link> <rel>Get authorization</rel> <method>GET</method> <href>https://ec2-184-73-128-146.compute-1.amazonaws.com/broker/rest/user/authorizations/52119571ce7bf536fb000058</href> <required-params/> <optional-params/> </link> <link> <rel>Update authorization</rel> <method>PUT</method> <href>https://ec2-184-73-128-146.compute-1.amazonaws.com/broker/rest/user/authorizations/52119571ce7bf536fb000058</href> <required-params> <param> <name>note</name> <type>string</type> <description>A note to remind you what this token is for.</description> <valid-options/> <invalid-options/> </param> </required-params> <optional-params/> </link> <link> <rel>Delete authorization</rel> <method>DELETE</method> <href>https://ec2-184-73-128-146.compute-1.amazonaws.com/broker/rest/user/authorizations/52119571ce7bf536fb000058</href> <required-params/> <optional-params/> </link> </links> </authorization> </data> <messages> <message> <severity>info</severity> <text>Create authorization</text> <exit-code>0</exit-code> <field nil="true"></field> </message> </messages> <version>1.6</version> <api-version>1.6</api-version> <supported-api-versions> <supported-api-version>1.0</supported-api-version> <supported-api-version>1.1</supported-api-version> <supported-api-version>1.2</supported-api-version> <supported-api-version>1.3</supported-api-version> <supported-api-version>1.4</supported-api-version> <supported-api-version>1.5</supported-api-version> <supported-api-version>1.6</supported-api-version> </supported-api-versions> </response> 3.[wsun@dhcp-8-229 ~]$ curl -k -H 'Accept: application/xml' -u wsun:changeme https://ec2-184-73-128-146.compute-1.amazonaws.com/broker/rest/user/authorizations -d scope=domain/52118d93ce7bf54c9b000006/edit -d note=domainedit -X POST <?xml version="1.0" encoding="UTF-8"?> <response> <status>created</status> <type>authorization</type> <data> <authorization> <token>961585024559fc4b468d31aeffe276111979a3b021ad1f2689f6dbcc2819ed63</token> <created-at>2013-08-19T03:48:24Z</created-at> <expires-in>2592000</expires-in> <expires-in-seconds>2592000</expires-in-seconds> <note>domainedit</note> <id>52119588ce7bf536fb000059</id> <scopes>domain/52118d93ce7bf54c9b000006/edit</scopes> <identity>wsun</identity> <links> <link> <rel>Get authorization</rel> <method>GET</method> <href>https://ec2-184-73-128-146.compute-1.amazonaws.com/broker/rest/user/authorizations/52119588ce7bf536fb000059</href> <required-params/> <optional-params/> </link> <link> <rel>Update authorization</rel> <method>PUT</method> <href>https://ec2-184-73-128-146.compute-1.amazonaws.com/broker/rest/user/authorizations/52119588ce7bf536fb000059</href> <required-params> <param> <name>note</name> <type>string</type> <description>A note to remind you what this token is for.</description> <valid-options/> <invalid-options/> </param> </required-params> <optional-params/> </link> <link> <rel>Delete authorization</rel> <method>DELETE</method> <href>https://ec2-184-73-128-146.compute-1.amazonaws.com/broker/rest/user/authorizations/52119588ce7bf536fb000059</href> <required-params/> <optional-params/> </link> </links> </authorization> </data> <messages> <message> <severity>info</severity> <text>Create authorization</text> <exit-code>0</exit-code> <field nil="true"></field> </message> </messages> <version>1.6</version> <api-version>1.6</api-version> <supported-api-versions> <supported-api-version>1.0</supported-api-version> <supported-api-version>1.1</supported-api-version> <supported-api-version>1.2</supported-api-version> <supported-api-version>1.3</supported-api-version> <supported-api-version>1.4</supported-api-version> <supported-api-version>1.5</supported-api-version> <supported-api-version>1.6</supported-api-version> </supported-api-versions> </response>