Cinder

No strict Boolean checking

Bug #1594261 reported by xiexs on 2016-06-20

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Cinder	Fix Released	Low	xiexs

Bug Description

The following API returned normally although the usage is specified a invalid bool value.
$ curl -X GET -H "X-Auth-Token: xxxx" "http://xxxx:8776//v2/xxxx/os-quota-sets/xxxx?usage=InvalidBool" -H 'Content-type: application/json'
  % Total % Received % Xferd Average Speed Time Time Time Current
                                 Dload Upload Total Spent Left Speed
100 933 100 933 0 0 5045 0 --:--:-- --:--:-- --:--:-- 5070
{
    "quota_set": {
      ...
    }
}

The reason for this is that there is no strict Boolean checking for that API.

The following API also has same issue:
- "usage" of /os-quota-sets API
- "multiattach" of /volumes API
- "detail" of /scheduler-states/get_pools API
- "force" of API /qos-specs

See original description

xiexs (xiexs) on 2016-06-20

Changed in cinder:
assignee:	nobody → xiexs (xiexs)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-06-20: Fix proposed to cinder (master)

Fix proposed to branch: master
Review: https://review.openstack.org/331529

Changed in cinder:
status:	New → In Progress

Sheel Rana (ranasheel2000) on 2016-06-20

Changed in cinder:
importance:	Undecided → Low

Revision history for this message

xiexs (xiexs) wrote on 2016-06-24:

This bug is also hit by qos-specs API.

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-06-24:

Fix proposed to branch: master
Review: https://review.openstack.org/334003

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-06-27: Fix merged to cinder (master)

Reviewed: https://review.openstack.org/334003
Committed: https://git.openstack.org/cgit/openstack/cinder/commit/?id=91540227e32f2328039a2cbf75bc0bbad3ce9e13
Submitter: Jenkins
Branch: master

commit 91540227e32f2328039a2cbf75bc0bbad3ce9e13
Author: xiexs <email address hidden>
Date: Fri Jun 24 15:01:53 2016 -0400

Add strict Boolean checking for qos delete

    There is no strict boolean checking for the parameter
    "force" of API /qos-specs.
    This patch adds a strict checking for it to prevent
    invalid value, and adds a test case for this
    change as well.

Closes-Bug: #1594261
Change-Id: I59c24454a885310d463690cd08d0b39a0624163e

Changed in cinder:
status:	In Progress → Fix Released

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-06-28: Fix proposed to cinder (master)

Fix proposed to branch: master
Review: https://review.openstack.org/334893

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-06-28:

Fix proposed to branch: master
Review: https://review.openstack.org/334989

xiexs (xiexs) on 2016-06-28

Changed in cinder:
status:	Fix Released → In Progress
description:	updated

Revision history for this message

xiexs (xiexs) wrote on 2016-06-29:

The following API also has same issue:
- "usage" of /os-quota-sets API
- "multiattach" of /volumes API
- "detail" of /scheduler-states/get_pools API
- "force" of API /qos-specs

description:

updated

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-06-30: Fix merged to cinder (master)

Reviewed: https://review.openstack.org/331529
Committed: https://git.openstack.org/cgit/openstack/cinder/commit/?id=3fa524067e604176da3f7f392e073e7617f553d9
Submitter: Jenkins
Branch: master

commit 3fa524067e604176da3f7f392e073e7617f553d9
Author: xiexs <email address hidden>
Date: Fri Jun 24 08:06:52 2016 -0400

Add strict Boolean checking for quota show

    There is no strict boolean checking for the parameter
    "usage" of API /os-quota-sets, so that any invalid
    boolean value can be specified.
    This patch adds a strict checking for it to prevent
    invalid value, and adds tests for this
    change as well.

Change-Id: I313b3bd495557a9d20ab954b37dd8162e34cf871
Closes-Bug: #1594261

Changed in cinder:
status:	In Progress → Fix Released

xiexs (xiexs) on 2016-06-30

Changed in cinder:
status:	Fix Released → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-07-06: Fix proposed to cinder (master)

Fix proposed to branch: master
Review: https://review.openstack.org/338244

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-07-12: Fix merged to cinder (master)

#10

Reviewed: https://review.openstack.org/338244
Committed: https://git.openstack.org/cgit/openstack/cinder/commit/?id=28b5c7e101d45e2897480fe587aff7c7def2f161
Submitter: Jenkins
Branch: master

commit 28b5c7e101d45e2897480fe587aff7c7def2f161
Author: xiexs <email address hidden>
Date: Wed Jul 6 11:04:23 2016 -0400

Add strict Boolean checking for volume manage

    There is no strict boolean checking for the parameter
    "bootable" of API /os-volume-manage, so that any invalid
    boolean value can be specified.
    This patch adds a strict checking for it to prevent
    invalid value, and adds a test for this change as well.

Change-Id: I0d79a0bb173aaeeea0fe6d735213c70c109ccd69
Partial-Bug: #1594261

Revision history for this message

Doug Hellmann (doug-hellmann) wrote on 2016-07-14: Fix included in openstack/cinder 9.0.0.0b2

#11

This issue was fixed in the openstack/cinder 9.0.0.0b2 development milestone.

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-08-11: Fix merged to cinder (master)

#13

Reviewed: https://review.openstack.org/334989
Committed: https://git.openstack.org/cgit/openstack/cinder/commit/?id=505ccfd62f123b3bd864775b5e8b5f30547a98e4
Submitter: Jenkins
Branch: master

commit 505ccfd62f123b3bd864775b5e8b5f30547a98e4
Author: xiexs <email address hidden>
Date: Tue Jun 28 10:20:28 2016 -0400

Add strict Boolean checking for volume create

    There is no strict boolean checking for the parameter
    "multiattach" of API /volumes, so that
    any invalid boolean value can be specified.
    This patch adds a strict checking for it to prevent
    invalid value, and adds tests for this change as well.

Change-Id: I2a5dc45a3b238a2d875d7fbf7159eb91d1f111bf
Partial-Bug: #1594261

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-09-13:

#14

Reviewed: https://review.openstack.org/334893
Committed: https://git.openstack.org/cgit/openstack/cinder/commit/?id=bf76eb25224a012776fd2017140df1cb539bad29
Submitter: Jenkins
Branch: master

commit bf76eb25224a012776fd2017140df1cb539bad29
Author: xiexs <email address hidden>
Date: Tue Jun 28 07:51:28 2016 -0400

Add strict Boolean checking for storage pools

    There is no strict boolean checking for the parameter
    "detail" of API /scheduler-states/get_pools, so that
    any invalid boolean value can be specified.
    This patch adds a strict checking for it to prevent
    invalid value, and adds a test for this change as well.

Change-Id: Ic24850e5a0e206548de81529179cd182d9eabb7f
Partial-Bug: #1594261

Sean McGinnis (sean-mcginnis) on 2016-10-05

Changed in cinder:
status:	In Progress → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.