You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@trafficcontrol.apache.org by GitBox <gi...@apache.org> on 2022/04/27 23:10:49 UTC
[GitHub] [trafficcontrol] ocket8888 opened a new issue, #6798: Creating Role without required "capabilities" property causes segfault
ocket8888 opened a new issue, #6798:
URL: https://github.com/apache/trafficcontrol/issues/6798
## This Bug Report affects these Traffic Control components:
- Traffic Ops
## Current behavior:
When creating a new Role in APIv3, omitting the `capabilities` property (or equivalently setting it to `null`) causes an internal server error stepping from a segfault caused by dereferencing a `nil` pointer.
This issue is specific to API version 3 - in API version 4 the property doesn't even exist (and the underlying implementation is different - doesn't use the CRUDer).
## Expected behavior:
If a request is missing a required property, the response should be a `400 Bad Request` with an error-level Alert that explains what's missing.
## Steps to reproduce:
1. `topost -kp roles '{"name": "testquest", "privLevel": -1, "description": "a"}'`
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@trafficcontrol.apache.org.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [trafficcontrol] ericholguin commented on issue #6798: Creating Role without required "capabilities" property causes segfault
Posted by GitBox <gi...@apache.org>.
ericholguin commented on issue #6798:
URL: https://github.com/apache/trafficcontrol/issues/6798#issuecomment-1148969997
According to the docs that property is optional. So expected behavior should be a `200 OK` when creating or updating a role without that property.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@trafficcontrol.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [trafficcontrol] ocket8888 closed issue #6798: Creating Role without required "capabilities" property causes segfault
Posted by GitBox <gi...@apache.org>.
ocket8888 closed issue #6798: Creating Role without required "capabilities" property causes segfault
URL: https://github.com/apache/trafficcontrol/issues/6798
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@trafficcontrol.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [trafficcontrol] ocket8888 commented on issue #6798: Creating Role without required "capabilities" property causes segfault
Posted by GitBox <gi...@apache.org>.
ocket8888 commented on issue #6798:
URL: https://github.com/apache/trafficcontrol/issues/6798#issuecomment-1149039875
That's true. Frankly I'd like for that to not be optional anymore, though. A user with no Permissions can't do anything except log in and update their contact information; they will be unable to interact with Traffic Ops in any way. I think we should force people to very intentionally pass an empty array in that case.
But that's hard to do with how Go's parser works. Or at least, it's more work and not normally how things in the API are done. This issue can be closed without that change.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@trafficcontrol.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org