non-existent stack_owner through heatclient to list stack

Bug #1616319 reported by pengxiao
This bug affects 1 person
Affects: OpenStack Heat
Status: New
Importance: Undecided
Assigned to: Unassigned

Bug Description

When using curl to get the stack list, I am facing this problem: heat doesn't verify the stack_owner:

1. $ curl -g -i -X GET http://192.168.100.150:8004/v1/d04021d5a4144b4c9f579fdc1d1c2a9a/stacks?global_tenant=True -H "Accept: application/json" -H "User-Agent: python-heatclient" -H "X-Region-Name: RegionOne" -H "X-Auth-User: admin" -H "X-Auth-Token: $token" -H "Content-Type: application/json" -H "X-Auth-Url: http://192.168.100.11:5000/v3"

result:
{
 "stacks": [{
  "parent": null,
  "description": "Auto Scaling with desired servers - Tony Cheng 2015/8/14 v1",
  "links": [{
   "href": "http://192.168.100.150:8004/v1/d04021d5a4144b4c9f579fdc1d1c2a9a/stacks/stack_01/61319aff-196c-402d-8fb9-6ae477cdd760",
   "rel": "self"
  }],
  "stack_status_reason": "Stack CREATE completed successfully",
  "stack_name": "stack_01",
  "stack_user_project_id": "5c8ce8dbe967475eb580519588be17c3",
  "creation_time": "2016-08-24T03:15:46Z",
  "updated_time": null,
  "project": "d04021d5a4144b4c9f579fdc1d1c2a9a",
  "stack_owner": "admin",
  "stack_status": "CREATE_COMPLETE",
  "id": "61319aff-196c-402d-8fb9-6ae477cdd760"
 },
 {
  ...
  "stack_owner": "demo",
  "stack_status": "CREATE_COMPLETE",
  "id": "2ee21228-2a26-400b-8fe7-5d94eeccfa99"
 },
 {
  ...
  "stack_owner": null,
  "stack_status": "CREATE_COMPLETE",
  "id": "21a52492-a1b7-436f-aefb-4168f31e3121"
 }]
}

2. $ curl -g -i -X GET http://192.168.100.150:8004/v1/d04021d5a4144b4c9f579fdc1d1c2a9a/stacks?global_tenant=True -H "Accept: application/json" -H "User-Agent: python-heatclient" -H "X-Region-Name: RegionOne" -H "X-Auth-User: admin" -H "X-Auth-Token: $token" -H "Content-Type: application/json" -H "X-Auth-Url: http://192.168.100.11:5000/v3"

   Different from 1, I added the header "X-Auth-User: admin" to the HTTP request.

result:
{
 "stacks": [{
  "parent": null,
  "description": "Auto Scaling with desired servers - Tony Cheng 2015/8/14 v1",
  "links": [{
   "href": "http://192.168.100.150:8004/v1/d04021d5a4144b4c9f579fdc1d1c2a9a/stacks/stack_01/61319aff-196c-402d-8fb9-6ae477cdd760",
   "rel": "self"
  }],
  "stack_status_reason": "Stack CREATE completed successfully",
  "stack_name": "stack_01",
  "stack_user_project_id": "5c8ce8dbe967475eb580519588be17c3",
  "creation_time": "2016-08-24T03:15:46Z",
  "updated_time": null,
  "project": "d04021d5a4144b4c9f579fdc1d1c2a9a",
  "stack_owner": "admin",
  "stack_status": "CREATE_COMPLETE",
  "id": "61319aff-196c-402d-8fb9-6ae477cdd760"
 },
 {
  ...
  "stack_owner": "demo",
  "stack_status": "CREATE_COMPLETE",
  "id": "2ee21228-2a26-400b-8fe7-5d94eeccfa99"
 },
 {
  ...
  "stack_owner": "admin",
  "stack_status": "CREATE_COMPLETE",
  "id": "21a52492-a1b7-436f-aefb-4168f31e3121"
 }]
}

For Stack(id=21a52492-a1b7-436f-aefb-4168f31e3121), the "stack_status" is "admin", not null.

Then I changed the header to "X-Auth-User: test"
$ curl -g -i -X GET http://192.168.100.150:8004/v1/d04021d5a4144b4c9f579fdc1d1c2a9a/stacks?global_tenant=True -H "Accept: application/json" -H "User-Agent: python-heatclient" -H "X-Region-Name: RegionOne" -H "X-Auth-User: test" -H "X-Auth-Token: $token" -H "Content-Type: application/json" -H "X-Auth-Url: http://192.168.100.11:5000/v3"

result:
{
 "stacks": [{
  "parent": null,
  "description": "Auto Scaling with desired servers - Tony Cheng 2015/8/14 v1",
  "links": [{
   "href": "http://192.168.100.150:8004/v1/d04021d5a4144b4c9f579fdc1d1c2a9a/stacks/stack_01/61319aff-196c-402d-8fb9-6ae477cdd760",
   "rel": "self"
  }],
  "stack_status_reason": "Stack CREATE completed successfully",
  "stack_name": "stack_01",
  "stack_user_project_id": "5c8ce8dbe967475eb580519588be17c3",
  "creation_time": "2016-08-24T03:15:46Z",
  "updated_time": null,
  "project": "d04021d5a4144b4c9f579fdc1d1c2a9a",
  "stack_owner": "admin",
  "stack_status": "CREATE_COMPLETE",
  "id": "61319aff-196c-402d-8fb9-6ae477cdd760"
 },
 {
  ...
  "stack_owner": "demo",
  "stack_status": "CREATE_COMPLETE",
  "id": "2ee21228-2a26-400b-8fe7-5d94eeccfa99"
 },
 {
  ...
  "stack_owner": "test",
  "stack_status": "CREATE_COMPLETE",
  "id": "21a52492-a1b7-436f-aefb-4168f31e3121"
 }]
}

But the user named "test" does not exist.
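
A regression check for the behaviour reported above, added here as an example (not part of the original report and not Heat code): it compares a baseline stack list with lists fetched under different X-Auth-User values and flags every stack whose stack_owner follows the header. The trimmed response bodies, the KNOWN_USERS set and the function names are constructed for illustration, and the baseline is assumed to be the response received without the X-Auth-User header.

```python
import json

# Constructed sample data: the three responses from the report, trimmed to
# the two fields the check needs (stack id and stack_owner).
def _body(third_owner):
    return json.dumps({"stacks": [
        {"id": "61319aff-196c-402d-8fb9-6ae477cdd760", "stack_owner": "admin"},
        {"id": "2ee21228-2a26-400b-8fe7-5d94eeccfa99", "stack_owner": "demo"},
        {"id": "21a52492-a1b7-436f-aefb-4168f31e3121", "stack_owner": third_owner},
    ]})

BASELINE = _body(None)                       # assumed: no X-Auth-User sent
PROBES = {"admin": _body("admin"), "test": _body("test")}
KNOWN_USERS = {"admin", "demo"}              # assumed list of real users


def owners_by_id(body):
    """Map stack id -> stack_owner for one GET /stacks response body."""
    return {s["id"]: s.get("stack_owner") for s in json.loads(body)["stacks"]}


def find_reflected_owners(baseline_body, probes, known_users):
    """Flag stacks whose reported owner is just the client-supplied header.

    probes maps the X-Auth-User value that was sent to the body received.
    A finding means the owner differs from the baseline and equals the header.
    """
    baseline = owners_by_id(baseline_body)
    findings = []
    for header_value, body in sorted(probes.items()):
        for stack_id, owner in sorted(owners_by_id(body).items()):
            stored = baseline.get(stack_id)
            if owner != stored and owner == header_value:
                findings.append({
                    "stack_id": stack_id,
                    "stored_owner": stored,
                    "reported_owner": owner,
                    "owner_exists": owner in known_users,
                })
    return findings


if __name__ == "__main__":
    for f in find_reflected_owners(BASELINE, PROBES, KNOWN_USERS):
        print(f)
```

An empty result is the expected outcome once the owner shown in the list no longer depends on a request header.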

pengxiao (pengxiao1229)
summary: - non-existent stack_owner through curl to list stack
+ non-existent stack_owner through heatclient to list stack
pengxiao (pengxiao1229)
description: updated
Rabi Mishra (rabi) wrote :

Are you using the same auth_token with different auth_users for the requests? Any reason you're using global_tenant=True?

pengxiao (pengxiao1229) wrote :

I used the same auth_token with different auth_users.
I used global_tenant=True because the stacks are in different projects.
When I added the header "X-Auth_User: test", I found that if stack_owner is null, the stack_owner changed to "test", regardless of which project it is in.
The "test" user does not exist. I think that heat doesn't verify the stack_owner.

Rico Lin (rico-lin)
Changed in heat:
milestone: none → no-priority-tag-bugs