Incorrect project_id type in API results in erratic behavior
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
octavia |
Fix Released
|
Critical
|
Stephen Balukoff |
Bug Description
While troubleshooting a different problem today, I discovered that various API endpoints are set up to recognize the project_id attribute of various objects as:
project_id = wtypes.
Whereas other endpoints enforce it as:
project_id = wtypes.
After some testing, I discovered that the type enforcement will allow for either hyphenated or non-hyphenated UUIDs in the request to the API. HOWEVER, the latter type checking also normalizes the UUID so that it does have hyphens, no matter what the API request contained. This is probably the desired behavior.
Since we don't presently enforce strict type checking on the project_id, this can lead to some entries in the database having the project_id stored hyphenated, while others do not store it hyphenated. This becomes a problem in sanity checks where, for example, a listener and a pool must have the same project_id. (MySQL does not interpret a hyphenated UUID being a string match for a non-hyphenated UUID).
I think the proper solution here is to use consistent type-checking for the project_id wherever we accept it as input in the API.
Changed in octavia: | |
assignee: | nobody → Stephen Balukoff (sbalukoff) |
Changed in octavia: | |
importance: | Undecided → Critical |
tags: | added: target-mitaka |
Fix proposed to branch: master /review. openstack. org/290936
Review: https:/