Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add check for invalid roles in server_role_names= #20731

Merged
merged 1 commit into from
Oct 29, 2020
Merged

Add check for invalid roles in server_role_names= #20731

merged 1 commit into from
Oct 29, 2020

Conversation

Fryguy
Copy link
Member

@Fryguy Fryguy commented Oct 26, 2020

This fixes an issue where invalid roles names are silently ignored. I think it was expected that assign_role call a little below would call ServerRole.to_role and raise this exception, however the ServerRole.where just before it will ignore the invalid roles on querying, and thus assign_role can never be called with a bad role name.

I was thinking of fixing this to call .to_role, but I realize that method is a wasted abstraction and I plan to remove it in a follow up PR.

@jrafanie Please review

@Fryguy Fryguy added the bug label Oct 26, 2020
@Fryguy Fryguy mentioned this pull request Oct 26, 2020
Merged
@Fryguy
Copy link
Member Author

Fryguy commented Oct 26, 2020
edited
Loading

FWIW, I noticed this because I was trying to run_single_worker locally passing --roles ui, and it turns out the actual role is called user_interface. It just kept telling me I had insufficient roles, but I didn't know it was because I typoed the role name.

@Fryguy Fryguy force-pushed the fix_roles_in_run_single_worker branch 2 times, most recently from c85d1ac to 5c54d11 Compare October 26, 2020 17:43
@Fryguy Fryguy mentioned this pull request Oct 26, 2020
Closed
@Fryguy
Copy link
Member Author

Fryguy commented Oct 26, 2020
edited
Loading

I also found that miq_alert_spec was actually silently not setting the notifier role as it was specified. Since ServerRole was not seeded, then calling role= was ignoring the notifier role and just not setting it and yet the specs passed. We will probably want to revisit that but for now I've updated the local_miq_server method to accept role and do the right thing. The only caller to local_miq_server with a role was miq_alert_spec, so I could also just update that one to not set the roles in that way.

@Fryguy Fryguy force-pushed the fix_roles_in_run_single_worker branch from a9129ff to 1024c1a Compare October 26, 2020 18:05
@Fryguy
Copy link
Member Author

Fryguy commented Oct 26, 2020

Updated to just fix the only caller that used :role = to local_miq_server

@Fryguy
Copy link
Member Author

Fryguy commented Oct 26, 2020

@miq-bot cross_repo_tests manageiq-api, manageiq-ui-classic, manageiq-providers-amazon

miq-bot pushed a commit to ManageIQ/manageiq-cross_repo-tests that referenced this pull request Oct 26, 2020
@miq-bot
Running tests for Fryguy
2e28bdf 
From Pull Request:  ManageIQ/manageiq#20731
@miq-bot miq-bot mentioned this pull request Oct 26, 2020
Closed
@miq-bot
Copy link
Member

miq-bot commented Oct 26, 2020

Checked commit Fryguy@1024c1a with ruby 2.6.3, rubocop 0.82.0, haml-lint 0.35.0, and yamllint
4 files checked, 2 offenses detected

spec/models/miq_server/role_management_spec.rb

jrafanie
jrafanie approved these changes Oct 29, 2020
View reviewed changes
Copy link
Member

@jrafanie jrafanie left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, I only have concern about the change in behavior and if we accidentally tried to assigned undefined roles in the past, it would silently be ignored. Now, it raises. It makes sense but I'm not sure if this is completely covered by tests.

@Fryguy
Copy link
Member Author

Fryguy commented Oct 29, 2020

So, the reason it ignored it previously is because in tests things were not seeded. So when it tried to set the role, it just ignored the "missing" roles. In a real production run, the server roles would be seeded. The only way it could fail now is if there is a typo, which seems unlikely because then it never would have worked.

@jrafanie
Copy link
Member

Merging, I agree, production code shouldn't accept undefined roles and it's more likely it's test code with not fully seeded roles that was hitting this so it's very unlikely to cause a production problem.

@jrafanie jrafanie merged commit 7b7fd98 into ManageIQ:master Oct 29, 2020
@jrafanie
Copy link
Member

@Fryguy is this kasparov/yes?

@Fryguy Fryguy deleted the fix_roles_in_run_single_worker branch October 29, 2020 14:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jrafanie jrafanie jrafanie approved these changes

@gtanzillo gtanzillo Awaiting requested review from gtanzillo

Assignees

@jrafanie jrafanie

Labels
bug core/workers kasparov/no
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@Fryguy @miq-bot @jrafanie @gtanzillo