Fixes #36753 - Only allow coherent default CVE in global registration form #10764
Conversation
|
Issues: #36753 |
| @@ -1,5 +1,6 @@ | |||
| module Katello | |||
| module Validators | |||
| # used by activation key and content facet | |||
There was a problem hiding this comment.
I first said to myself, Why isn't it already hitting this? but then I realized this validator is only used by ActivationKey and ContentFacet records, not ContentViewEnvironment itself. So I made a separate one for this case.
in global registration form
- remove 'Lifecycle Environment' field from global registration form
- add Rails validator preventing content view environments from using a
non-default lifecycle environment with the Default Organization View
jeremylenz
force-pushed
the
36753-only-coherent-cves-from-now-on
branch
from
21dc7a8 to
73b586e
Compare
|
[test katello] |
2 similar comments
|
[test katello] |
|
[test katello] |
|
I hit another bug, unrelated(?), but good to note: My host exists and was previously given a different content source... now it seems passing no content source is not defaulting to using the primary smart proxy. I also hit this when trying to assign a smart proxy that doesn't sync library |
|
Aside from my comment above it works when not trying to change the content source! I just need to review the code a bit more to look for corner cases. |
ah, so you were checking the |
This is intentional (#10524), but might be nice to not use the Rails default error message there. |
Made a redmine for it: https://projects.theforeman.org/issues/36840 |
| #support lifecycle_environment_id for foreman models | ||
| environment_id = record.respond_to?(:lifecycle_environment_id) ? record.lifecycle_environment_id : record.environment_id | ||
| if record.content_view_id | ||
| view = ContentView.where(:id => record.content_view_id).first |
There was a problem hiding this comment.
Perhaps a bit clearer:
| view = ContentView.where(:id => record.content_view_id).first | |
| view = ContentView.find(record.content_view_id) |
There was a problem hiding this comment.
I realized this was copy/pasted from the other validator, so up to you if you wanna take the suggestions.
There was a problem hiding this comment.
.where ... .first will give you nil if it doesn't find it, while .find will error.
There was a problem hiding this comment.
I guess find_by(id: 42) will also give you nil, but it seems like we use the .where ... .first pattern a lot anyway 🤷
app/lib/katello/validators/content_view_environment_coherent_default_validator.rb
Show resolved
Hide resolved
| def validate(record) | ||
| #support lifecycle_environment_id for foreman models | ||
| environment_id = record.respond_to?(:lifecycle_environment_id) ? record.lifecycle_environment_id : record.environment_id | ||
| if record.content_view_id |
There was a problem hiding this comment.
Would it be possible for a record to have an LCE but not a CV? I feel like everything with an LCE ID should also have a content view ID, but I'm not certain.
There was a problem hiding this comment.
... I suppose it doesn't really matter because this validator is used only for content view environments, and those should always have an environment. I guess in that case the respond_to? check is a bit irrelevant, but again, maybe there is some benefit in keeping it exactly the same as the other related validator.
There was a problem hiding this comment.
Okay, took me a minute to remember, but I remembered the reason 😄
It's about making sure we raise the correct errors.
Content view environments already have these validations:
validates :environment_id, uniqueness: {scope: :content_view_id}, presence: true
validates :content_view_id, presence: trueOmitting one of them would normally cause an error like environment_id must be specified, because of the presence: true validation.
But let's say these checks aren't there. You might get a NilClass error, or if we fix that with safe navigation, you'd get both the correct and incorrect validation error:
environment_id must be specified, Lifecycle environment '' cannot be used with content view 'myCV'
Or, if we switched back to find, it'd be even worse, with
ActiveRecord::RecordNotFound: Couldn't find Katello::ContentViewVersion with 'id'=42
|
@jeremylenz I'm still seeing |
@Gauravtalreja1 Good catch, this only removed it from the web UI and added the validations. Now that we have the validation, we could leave the option in hammer and you'd get the error in the PR description if you try to register the host while assigning an invalid LCE. Or we could remove it from hammer for consistency. I'll leave it up to you whether to open a BZ. |
|
@jeremylenz Thanks for the confirming, opened the BZ 2253618 (CC'ed you) for its removal for consistency. |
What are the changes introduced in this pull request?
Now that content views and lifecycle environments are assigned as a single unit (CVE / Content View Environment), it doesn't make sense to be able to select lifecycle environment separately. Also, the web UI was allowing you to select a non-library LCE and attempt to use it with the 'Default Organization View' content view, which won't work. So:
Considerations taken when implementing this change?
It's always been the case that you can't create a content view environment with Default Organization View and a non-library LCE. This just improves the error messaging and UI.
What are the testing steps for this pull request?
Before checking out the PR:
<the one you created><the one you created>Run the registration command on the host. You'll get
Now, check out the PR and use the same generated registration command (this is where the "force" comes in handy :)
Now you'll get
Now go to the web UI - Hosts > Register Host