Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Permission write cannot be modified with current master. #215

Closed
Natim opened this issue Oct 18, 2015 · 4 comments
Closed

Permission write cannot be modified with current master. #215

Natim opened this issue Oct 18, 2015 · 4 comments
Labels
bug scope: core

Comments

@Natim
Copy link
Member

Natim commented Oct 18, 2015 

$ echo '{"permissions": 
    {"write": ["/buckets/46524be8-0ad7-3ac6-e260-71f8993feffa/groups/moderators", 
               "basicauth:631c2d625ee5726172cf67c6750de10a3e1a04bcd603bc9ad6d6b196fa8257a6"]}}' \ 
  | http PUT http://localhost:8888/v1/buckets/default/collections/bookmarks --auth user:pass -v

PUT /v1/buckets/default/collections/bookmarks HTTP/1.1
Accept: application/json
Connection: keep-alive
Content-Length: 174
Content-Type: application/json
Host: localhost:8888
User-Agent: HTTPie/0.9.2

{
    "permissions": {
        "write": [
            "/buckets/46524be8-0ad7-3ac6-e260-71f8993feffa/groups/moderators"
        ]
    }
}

HTTP/1.1 200 OK
Access-Control-Expose-Headers: Retry-After, Content-Length, Alert, Backoff
Content-Length: 172
Content-Type: application/json; charset=UTF-8
Date: Sun, 18 Oct 2015 10:17:15 GMT
Etag: "1445163435336"
Last-Modified: Sun, 18 Oct 2015 10:17:15 GMT
Server: waitress

{
    "data": {
        "id": "bookmarks", 
        "last_modified": 1445163435336, 
        "schema": {}
    }, 
    "permissions": {
        "write": [
            "basicauth:631c2d625ee5726172cf67c6750de10a3e1a04bcd603bc9ad6d6b196fa8257a6"
        ]
    }
}
@leplatrem leplatrem added the bug label Oct 19, 2015
@leplatrem
Copy link
Contributor

Cannot reproduce with kinto master, memory backend, cliquet 2.9.0dev0

echo '{"permissions":    
    {"write": ["/buckets/46524be8-0ad7-3ac6-e260-71f8993feffa/groups/moderators",
               "basicauth:631c2d625ee5726172cf67c6750de10a3e1a04bcd603bc9ad6d6b196fa8257a6"]}}'| http PUT http://localhost:8888/v1/buckets/default/collections/bookmarks --auth user:pass -v

returns

PUT /v1/buckets/default/collections/bookmarks HTTP/1.1
Accept: application/json
Accept-Encoding: gzip, deflate
Authorization: Basic dXNlcjpwYXNz
Connection: keep-alive
Content-Length: 195
Content-Type: application/json; charset=utf-8
Host: localhost:8888
User-Agent: HTTPie/0.8.0

{
    "permissions": {
        "write": [
            "/buckets/46524be8-0ad7-3ac6-e260-71f8993feffa/groups/moderators", 
            "basicauth:631c2d625ee5726172cf67c6750de10a3e1a04bcd603bc9ad6d6b196fa8257a6"
        ]
    }
}

HTTP/1.1 201 Created
Access-Control-Expose-Headers: Retry-After, Content-Length, Alert, Backoff
Content-Length: 348
Content-Type: application/json; charset=UTF-8
Date: Mon, 19 Oct 2015 10:38:53 GMT
Etag: "1445251133832"
Last-Modified: Mon, 19 Oct 2015 10:38:53 GMT
Server: waitress

{
    "data": {
        "id": "bookmarks", 
        "last_modified": 1445251133832, 
        "schema": {}
    }, 
    "permissions": {
        "read": [], 
        "record:create": [], 
        "write": [
            "basicauth:6de355038fd943a2dc91405063b91018bb5dd97a08d1beb95713d23c2909748f", 
            "basicauth:631c2d625ee5726172cf67c6750de10a3e1a04bcd603bc9ad6d6b196fa8257a6", 
            "/buckets/46524be8-0ad7-3ac6-e260-71f8993feffa/groups/moderators"
        ]
    }
}

@leplatrem
Copy link
Contributor

Somehow more preoccupying, with postgres backend, I get another behaviour (current user is not added): Update: Everything is fine with postgres backend. The difference with previous comment, is just that I changed the hmac_secret and the resulting user id differs from the one passed in the request body.

echo '{"permissions": 
    {"write": ["/buckets/46524be8-0ad7-3ac6-e260-71f8993feffa/groups/moderators",
               "basicauth:631c2d625ee5726172cf67c6750de10a3e1a04bcd603bc9ad6d6b196fa8257a6"]}}'| http PUT http://localhost:8888/v1/buckets/default/collections/bookmarks --auth user:pass -v

PUT /v1/buckets/default/collections/bookmarks HTTP/1.1
Accept: application/json
Accept-Encoding: gzip, deflate
Authorization: Basic dXNlcjpwYXNz
Connection: keep-alive
Content-Length: 195
Content-Type: application/json; charset=utf-8
Host: localhost:8888
User-Agent: HTTPie/0.8.0

{
    "permissions": {
        "write": [
            "/buckets/46524be8-0ad7-3ac6-e260-71f8993feffa/groups/moderators", 
            "basicauth:631c2d625ee5726172cf67c6750de10a3e1a04bcd603bc9ad6d6b196fa8257a6"
        ]
    }
}

HTTP/1.1 200 OK
Access-Control-Expose-Headers: Retry-After, Content-Length, Alert, Backoff
Content-Length: 242
Content-Type: application/json; charset=UTF-8
Date: Mon, 19 Oct 2015 10:42:05 GMT
Etag: "1445251325575"
Last-Modified: Mon, 19 Oct 2015 10:42:05 GMT
Server: waitress

{
    "data": {
        "id": "bookmarks", 
        "last_modified": 1445251325575, 
        "schema": {}
    }, 
    "permissions": {
        "write": [
            "basicauth:631c2d625ee5726172cf67c6750de10a3e1a04bcd603bc9ad6d6b196fa8257a6", 
            "/buckets/46524be8-0ad7-3ac6-e260-71f8993feffa/groups/moderators"
        ]
    }
}

@leplatrem
Copy link
Contributor

Festival ! 🎉

With the redis backend, I have a 500 :)

2015-10-19 12:46:06,925 ERROR [venusian][waitress] "PUT   /v1/buckets/b928fd92-4832-bca4-b56e-d647c573204d/collections/bookmarks" ? (? ms) u'create' lang=None; exception=Traceback (most recent call last):
  File "/home/mathieu/Code/Mozilla/kinto/.venv/local/lib/python2.7/site-packages/pyramid/tweens.py", line 21, in excview_tween
    response = handler(request)
  File "/home/mathieu/Code/Mozilla/kinto/.venv/local/lib/python2.7/site-packages/pyramid/router.py", line 163, in handle_request
    response = view_callable(context, request)
  File "/home/mathieu/Code/Mozilla/kinto/.venv/local/lib/python2.7/site-packages/pyramid/config/views.py", line 385, in viewresult_to_response
    result = view(context, request)
  File "/home/mathieu/Code/Mozilla/kinto/.venv/local/lib/python2.7/site-packages/pyramid/config/views.py", line 501, in _requestonly_view
    response = view(request)
  File "/home/mathieu/Code/Mozilla/kinto/kinto/views/buckets.py", line 165, in default_bucket
    response = request.invoke_subrequest(subrequest)
  File "/home/mathieu/Code/Mozilla/kinto/.venv/local/lib/python2.7/site-packages/pyramid/router.py", line 217, in invoke_subrequest
    response = handle_request(request)
  File "/home/mathieu/Code/Mozilla/kinto/.venv/local/lib/python2.7/site-packages/pyramid/router.py", line 163, in handle_request
    response = view_callable(context, request)
  File "/home/mathieu/Code/Mozilla/kinto/.venv/local/lib/python2.7/site-packages/pyramid/config/views.py", line 596, in __call__
    return view(context, request)
  File "/home/mathieu/Code/Mozilla/kinto/.venv/local/lib/python2.7/site-packages/pyramid/config/views.py", line 329, in attr_view
    return view(context, request)
  File "/home/mathieu/Code/Mozilla/kinto/.venv/local/lib/python2.7/site-packages/pyramid/config/views.py", line 305, in predicate_wrapper
    return view(context, request)
  File "/home/mathieu/Code/Mozilla/kinto/.venv/local/lib/python2.7/site-packages/pyramid/config/views.py", line 245, in _secured_view
    return view(context, request)
  File "/home/mathieu/Code/Mozilla/kinto/.venv/local/lib/python2.7/site-packages/pyramid/config/views.py", line 355, in rendered_view
    result = view(context, request)
  File "/home/mathieu/Code/Mozilla/kinto/.venv/local/lib/python2.7/site-packages/pyramid/config/views.py", line 501, in _requestonly_view
    response = view(request)
  File "/home/mathieu/Code/Mozilla/kinto/.venv/local/lib/python2.7/site-packages/cornice/service.py", line 571, in wrapper
    response = view_()
  File "/home/mathieu/Code/Mozilla/cliquet/cliquet/resource.py", line 361, in put
    unique_fields=unique)
  File "/home/mathieu/Code/Mozilla/cliquet/cliquet/collection.py", line 290, in create_record
    self.permission.replace_object_permissions(perm_object_id, permissions)
  File "/home/mathieu/Code/Mozilla/cliquet/cliquet/storage/redis.py", line 18, in wrapped
    return func(*args, **kwargs)
  File "/home/mathieu/Code/Mozilla/cliquet/cliquet/permission/redis.py", line 151, in replace_object_permissions
    principals = permissions[permission]
KeyError: u'create'; uid=6de355038fd943a2dc91405063b91018bb5dd97a08d1beb95713d23c2909748f; errno=110; agent=HTTPie/0.8.0; authn_type=BasicAuth; collection_id=collection; collection_timestamp=1445251566921

leplatrem added a commit to mozilla-services/cliquet that referenced this issue Oct 19, 2015
@leplatrem
Fix crash in Redis permission backend (ref Kinto/kinto#215)
c60b45b 
When permission contains ":"

@Natim r?
@leplatrem leplatrem mentioned this issue Oct 19, 2015
Merged
leplatrem added a commit to mozilla-services/cliquet that referenced this issue Oct 19, 2015
@leplatrem
Fix crash in Redis permission backend (ref Kinto/kinto#215)
feadd28 
When permission contains ":"

@Natim r?
Natim added a commit to mozilla-services/cliquet that referenced this issue Oct 19, 2015
@Natim
Merge pull request #483 from mozilla-services/fix-crash-redis-permiss…
112273d 
…ion-backend

Fix crash in Redis permission backend (ref Kinto/kinto#215)
@Natim
Copy link
Member Author

Natim commented Oct 22, 2015

Fixed with mozilla-services/cliquet#483

@Natim Natim closed this as completed Oct 22, 2015
lavish205 pushed a commit to lavish205/kinto that referenced this issue Jun 20, 2016
@leplatrem
Merge pull request Kinto#231 from mozilla-services/186-215-add-sqlach…
aed681a 
…emy-pooling

Use SQLAlchemy for pools and connections instead of raw psycopg2 (fixes Kinto#186, Kinto#215, Kinto#171)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug scope: core
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Natim @leplatrem