Juniper Openstack

Analytics RBAC doesnt work

Bug #1731182 reported by Senthilnathan Murugappan on 2017-11-09

This bug affects 1 person

	Status	Importance	Assigned to	Milestone
Juniper Openstack	Status tracked in Trunk
R4.1	Fix Committed	Critical	Sundaresan Rajangam	Juniper Openstack r4.1.0.0-fcs "r4.1"
Trunk	Fix Committed	Critical	Sundaresan Rajangam	Juniper Openstack r5.0.0

Bug Description

RBAC for analytics is enabled and requesting uves as _member_ user with valid R perms throws 500
There were no detailed traceback on contrail-analytics-api.log
Observed on 5.0.0-99-mitaka build

2017-11-06 12:57:06,664 - DEBUG - Requesting: http://10.204.216.160:8081/analytics/uves/virtual-network/default-domain:ctest-TestRbac-42739955:ctest-TestRbac-42739955-61245781?flat
2017-11-06 12:57:06,689 - DEBUG - Response Code: 500

Let us know if you need a cluster or so, can recreate and share the same.

See original description

Tags:

Senthilnathan Murugappan (msenthil) on 2017-11-09

description:

updated

Revision history for this message

Sundaresan Rajangam (srajanga) wrote on 2017-11-09:

Can you please provide the setup?

Revision history for this message

OpenContrail Admin (ci-admin-f) wrote on 2017-11-10: [Review update] master

Review in progress for https://review.opencontrail.org/37405
Submitter: Sundaresan Rajangam (<email address hidden>)

Revision history for this message

OpenContrail Admin (ci-admin-f) wrote on 2017-11-10: [Review update] R4.1

Review in progress for https://review.opencontrail.org/37406
Submitter: Sundaresan Rajangam (<email address hidden>)

Sundaresan Rajangam (srajanga) on 2017-11-10

information type:

Proprietary → Public

Revision history for this message

OpenContrail Admin (ci-admin-f) wrote on 2017-11-13: A change has been merged

Reviewed: https://review.opencontrail.org/37406
Committed: http://github.com/Juniper/contrail-controller/commit/5d98f663a96adfca0660f711d6551b304e821c80
Submitter: Zuul (<email address hidden>)
Branch: R4.1

commit 5d98f663a96adfca0660f711d6551b304e821c80
Author: Sundaresan Rajangam <email address hidden>
Date: Fri Nov 10 10:27:41 2017 -0800

analytics-api throws Internal Server Error for non-admin user

1) user_token was referenced before initialization causing analytics-api to
throw exception.

2) Fix the issue in vnc-api that if an invalid/expired user-token is passed,
then it shouldn't retry with the admin user token.

Change-Id: I8ce47116f6421ee33971ea4e5fdd23f2ed5c408a
Closes-Bug: #1731182

Revision history for this message

OpenContrail Admin (ci-admin-f) wrote on 2017-11-13:

Reviewed: https://review.opencontrail.org/37405
Committed: http://github.com/Juniper/contrail-controller/commit/46a7f25f41705be78c58c8cc9368fa18d72dfe67
Submitter: Zuul (<email address hidden>)
Branch: master

commit 46a7f25f41705be78c58c8cc9368fa18d72dfe67
Author: Sundaresan Rajangam <email address hidden>
Date: Fri Nov 10 10:27:41 2017 -0800

analytics-api throws Internal Server Error for non-admin user

1) user_token was referenced before initialization causing analytics-api to
throw exception.

2) Fix the issue in vnc-api that if an invalid/expired user-token is passed,
then it shouldn't retry with the admin user token.

Change-Id: I8ce47116f6421ee33971ea4e5fdd23f2ed5c408a
Closes-Bug: #1731182

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.