Project

General

Profile

Bug #9742

API allows to create duplicate UUIDs at group creation

Added by Janos Mattyasovszky about 1 year ago. Updated 10 months ago.

Status:
Released
Priority:
1
Category:
API
Target version:
Target version (plugin):
Severity:
User visibility:
Effort required:
Priority:
Tags: Quick and important

Description

I can create a group with different names but the same UUID in different GroupCategories.

How to recreate:

API CALL #1:

# curl -s -X GET -H "X-API-Token: $APIKEY" -X PUT https://${URL}/rudder/api/latest/groups  \
> -d 'displayName=api test new group name 2' \
> -d 'description=description of the new group 2' \
> -d 'query={ "select": "node", "composition": "Or", "where": [{ "objectType": "node", "attribute": "OS", "comparator": "eq", "value": "Linux" }] }' \
> -d '8ecda055-094e-4b04-85ed-5c6235268ec7'
{
  "action": "createGroup",
  "id": "8ecda055-094e-4b04-85ed-5c6235268ec7",
  "result": "success",
  "data": {
    "groups": [
      {
        "id": "8ecda055-094e-4b04-85ed-5c6235268ec7",
        "displayName": "api test new group name 2",
        "description": "description of the new group 2",
        "query": {
          "select": "node",
          "composition": "Or",
          "where": [
            {
              "objectType": "node",
              "attribute": "OS",
              "comparator": "eq",
              "value": "Linux" 
            }
          ]
        },
        "nodeIds": [],
        "dynamic": true,
        "enabled": true,
        "isEnabled": true,
        "isDynamic": true
      }
    ]
  }
}

API CALL #2:

# curl -s -X GET -H "X-API-Token: $APIKEY" -X PUT https://${URL}/rudder/api/latest/groups \
> -d "category=5f2e3903-d3fe-40a4-8561-86017138e8ae" \
> -d 'displayName=api test new group name' \
> -d 'description=description of the new group' \
> -d 'query={ "select" : "node", "composition": "Or", "where": [] }' \
> -d 'id=8ecda055-094e-4b04-85ed-5c6235268ec7'  | jq
{
  "action": "createGroup",
  "id": "8ecda055-094e-4b04-85ed-5c6235268ec7",
  "result": "success",
  "data": {
    "groups": [
      {
        "id": "8ecda055-094e-4b04-85ed-5c6235268ec7",
        "displayName": "api test new group name",
        "description": "description of the new group",
        "query": {
          "select": "node",
          "composition": "Or",
          "where": []
        },
        "nodeIds": [],
        "dynamic": true,
        "enabled": true,
        "isEnabled": true,
        "isDynamic": true
      }
    ]
  }
}

This creates a group with the same UUID, which breaks stuff in the GUI. :-/

Apparently the API only checks the uniqueness of the Group Name, I only fail to create a differenlty named but same UUID Group in a GroupCategory:

# curl -s -X GET -H "X-API-Token: $APIKEY" -X PUT https://${URL}/rudder/api/latest/groups \
> -d "category=5f2e3903-d3fe-40a4-8561-86017138e8ae" \
> -d 'displayName=api test new group name 5' \
> -d 'description=description of the new group' \
> -d 'query={ "select" : "node", "composition": "Or", "where": [] }' \
> -d 'id=8ecda055-094e-4b04-85ed-5c6235268ec7'  | jq
{
  "action": "createGroup",
  "id": "8ecda055-094e-4b04-85ed-5c6235268ec7",
  "result": "error",
  "errorDetails": "Could not create Group api test new group name 5 (id:8ecda055-094e-4b04-85ed-5c6235268ec7) cause is: Bad change record type for requested action 'add node group': LDIFModifyChangeRecord(dn='nodeGroupId=8ecda055-094e-4b04-85ed-5c6235268ec7,groupCategoryId=5f2e3903-d3fe-40a4-8561-86017138e8ae,groupCategoryId=GroupRoot,ou=Rudder,cn=rudder-configuration', mods={LDAPModification(type=replace, attr=cn, values={'api test new group name 5'})})." 
}

It "only" fails because ldap has a contraint on the uniqueness of the UUID, so this is the last part the creation fails, but if I create it in a different GroupCategory.

Associated revisions

Revision a6ce7988
Added by Vincent MEMBRÉ about 1 year ago

Fixes #9742: API allows to create duplicate UUIDs at group creation

History

#1 Updated by Janos Mattyasovszky about 1 year ago

  • File deleted (2016-11-28 12_48_23-Rudder_-_Change_request.png)

#2 Updated by Janos Mattyasovszky about 1 year ago

When I try to delete it, the following errors occure:

API:

# curl -X GET -H "X-API-Token: $APIKEY" -X DELETE https://${URL}/rudder/api/latest/groups/8ecda055-094e-4b04-85ed-5c6235268ec7  | jq
{
  "action": "deleteGroup",
  "id": "8ecda055-094e-4b04-85ed-5c6235268ec7",
  "result": "error",
  "errorDetails": "Could not delete Group 8ecda055-094e-4b04-85ed-5c6235268ec7 cause is: Error when retrieving the entry for NodeGroup 'NodeGroupId(8ecda055-094e-4b04-85ed-5c6235268ec7)'." 
}

On the GUI (added the nl's myself):

The form contains some errors, please correct them.
Error when deleting target GroupTarget(NodeGroupId(8ecda055-094e-4b04-85ed-5c6235268ec7)). 
All dependent rules where updated () 
<- Entry with ID 'NodeGroupId(8ecda055-094e-4b04-85ed-5c6235268ec7)' was not found 
<- Error, the directory contains multiple occurrence of the server group with ID NodeGroupId(8ecda055-094e-4b04-85ed-5c6235268ec7). 
  DNs involved: 
     nodeGroupId=8ecda055-094e-4b04-85ed-5c6235268ec7,groupCategoryId=GroupRoot,ou=Rudder,cn=rudder-configuration; 
     nodeGroupId=8ecda055-094e-4b04-85ed-5c6235268ec7,groupCategoryId=5f2e3903-d3fe-40a4-8561-86017138e8ae,groupCategoryId=GroupRoot,ou=Rudder,cn=rudder-configuration; 
     nodeGroupId=8ecda055-094e-4b04-85ed-5c6235268ec7,groupCategoryId=6f0e2a72-de92-4f07-a830-9b070a730c04,groupCategoryId=GroupRoot,ou=Rudder,cn=rudder-configuration

#3 Updated by Vincent MEMBRÉ about 1 year ago

  • Assignee set to Vincent MEMBRÉ
  • Target version set to 3.1.17

#4 Updated by Vincent MEMBRÉ about 1 year ago

  • Status changed from New to In progress

#5 Updated by Vincent MEMBRÉ about 1 year ago

  • Status changed from In progress to Pending technical review
  • Assignee changed from Vincent MEMBRÉ to François ARMAND
  • Pull Request set to https://github.com/Normation/rudder/pull/1393

#6 Updated by Vincent MEMBRÉ about 1 year ago

  • Status changed from Pending technical review to Pending release
  • % Done changed from 0 to 100

#7 Updated by Vincent MEMBRÉ 12 months ago

  • Status changed from Pending release to Released

This bug has been fixed in Rudder 4.0.1, 3.1.16 and 3.2.10 which were released today.

#8 Updated by Benoît PECCATTE 10 months ago

  • Found in version (s) 3.1.16 added

#9 Updated by Benoît PECCATTE 10 months ago

  • Found in version(s) old deleted (3.1.16)

Also available in: Atom PDF