zaqar

Subscription can be get or update with non-related queue

Bug #1653847 reported by wangxiyuan on 2017-01-04

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	zaqar	Fix Released	High	wangxiyuan

Bug Description

Env: Zaqar Master

Reproduce:

1.create a subscription for QueueA:
POST http://IP:8888/v2/queues/QueueA/subscriptions

suppose the subscription'id is "SubID"

2. get the subscription with QueueB

GET http://IP:8888/v2/queues/QueueB/subscriptions/SubID

Expect result: Zaqar return 404 NotFound.
Actual result: Zaqar can get the subscription.

The same to update:

3. update the subscription with QueueB

PATCH http://IP:8888/v2/queues/QueueB/subscriptions/SubID

Expect result: Zaqar return 404 NotFound.
Actual result: Zaqar can update the subscription.

wangxiyuan (wangxiyuan) on 2017-01-04

Changed in zaqar:
assignee:	nobody → wangxiyuan (wangxiyuan)

Feilong Wang (flwang) on 2017-01-04

Changed in zaqar:
importance:	Undecided → Critical

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2017-01-04: Fix proposed to zaqar (master)

Fix proposed to branch: master
Review: https://review.openstack.org/416402

Changed in zaqar:
status:	New → In Progress

Feilong Wang (flwang) on 2017-01-04

Changed in zaqar:
importance:	Critical → High

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2017-01-04: Fix merged to zaqar (master)

Reviewed: https://review.openstack.org/416402
Committed: https://git.openstack.org/cgit/openstack/zaqar/commit/?id=455cf6eb5ca358314b83654287232f1bf06fe995
Submitter: Jenkins
Branch: master

commit 455cf6eb5ca358314b83654287232f1bf06fe995
Author: wangxiyuan <email address hidden>
Date: Wed Jan 4 10:12:26 2017 +0800

don't allow get/update/delete subscirtions with wrong queue

    A subscription is always belong to a queue. We should
    not allow users to get/update/delete the subscription
    if they provide wrong queue name.

Change-Id: I4728fa5139962aa621d0af6fb385613435d3b1be
Closes-bug: #1653847

Changed in zaqar:
status:	In Progress → Fix Released

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2017-01-27: Fix included in openstack/zaqar 4.0.0.0b3

This issue was fixed in the openstack/zaqar 4.0.0.0b3 development milestone.

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.