Glance

Attempting to deactivate a queued image returns a 403

Bug #1445487 reported by Luke Wollney on 2015-04-17

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Glance	Invalid	Low	Hemanth Makkapati

Bug Description

Overview:
When attempting to deactivate a queued image (one without an image file) returns a "'403 Forbidden - Not allowed to deactivate image in status 'queued'".

Steps to reproduce:
1) Register a new image as user
2) Without uploading an image file, deactivate the image as admin via:
POST /images/<image_id>/actions/deactivate
3) Notice that a "'403 Forbidden - Not allowed to deactivate image in status 'queued'" is returned

Expected:
A 400 response should be returned with the same message

Actual:
A 403 response is returned

Revision history for this message

Ankit Agrawal (ankitagrawal) wrote on 2015-04-17:

IMO, 403 seems to be reasonable here because,

400 response is returned for malformed request syntax or invalid request [1] and
403 response is returned if request was valid, but the server is refusing to respond to it [2].

Ref: [1] http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1

[2] http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.4

Revision history for this message

Kamil Rykowski (kamil-rykowski) wrote on 2015-04-21:

Ankit is totally right that 403 is a valid response here. The rfc2616 defines 403 as "The server understood the request, but is refusing to fulfill it" which is exactly what is happening in this scenario.

The API docs haven't been updated yet [1], as image deactivation is fresh feature. There is an bug report for it [2] and when it will be ready it should be more cleaner what status codes can be returned.

[1] http://developer.openstack.org/api-ref-image-v2.html
[2] https://bugs.launchpad.net/openstack-api-site/+bug/1432342

Changed in glance:
status:	New → Invalid

Revision history for this message

Luke Wollney (luke-wollney) wrote on 2015-04-22:

Talking with a couple of developers, it appears the upstream docs will be updated as well as the code, changing this to response code to a 409

Changed in glance:
status:	Invalid → In Progress

Hemanth Makkapati (hemanth-makkapati) on 2015-08-07

Changed in glance:
assignee:	nobody → Hemanth Makkapati (hemanth-makkapati)

Revision history for this message

Brian Rosmaita (brian-rosmaita) wrote on 2015-08-13:

Summary:

A 403 is the correct response.

The spec had a typo that said 400.

The spec is being changed to say 403.

End of discussion.

Revision history for this message

Hemanth Makkapati (hemanth-makkapati) wrote on 2015-08-13:

Here is the fix to spec: https://review.openstack.org/#/c/176411/

Changed in glance:
importance:	Undecided → Low

Revision history for this message

Abhishek Kekane (abhishek-kekane) wrote on 2015-11-23:

similar to https://bugs.launchpad.net/glance/+bug/1447322
please refer glance meeting [1] for reason behind marking this as invalid

[1] http://eavesdrop.openstack.org/meetings/glance/2015/glance.2015-11-19-14.01.log.html

Changed in glance:
status:	In Progress → Invalid

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.