Project

General

Profile

Actions

Bug #15656

closed

[API] container requests can have broken references to containers

Added by Peter Amstutz about 5 years ago. Updated almost 5 years ago.

Status:
Resolved
Priority:
Normal
Assigned To:
Category:
-
Target version:
Story points:
-
Release relationship:
Auto

Description

The database does not enforce foreign key consistency on the container_uuid column. It is possible to delete a container that has container requests referring to it. If a container request has a reference to a container record that no longer exists, clients such as workbench break badly.

Related, it is intended that normal (non-admin) users cannot delete container records, but that may be missing a permission check.


Subtasks 1 (0 open1 closed)

Task #15675: Review 15656-user-delete-containerResolvedTom Clegg09/30/2019Actions
Actions #1

Updated by Peter Amstutz about 5 years ago

  • Status changed from New to In Progress
Actions #2

Updated by Peter Amstutz about 5 years ago

  • Description updated (diff)
Actions #3

Updated by Peter Amstutz about 5 years ago

  • Status changed from In Progress to New
Actions #6

Updated by Tom Clegg about 5 years ago

  • Status changed from New to In Progress
  • Assigned To set to Tom Clegg
  • Target version changed from To Be Groomed to 2019-10-09 Sprint
Actions #7

Updated by Eric Biagiotti about 5 years ago

Other than that, this LGTM.

Actions #8

Updated by Tom Clegg about 5 years ago

15656-user-delete-container @ d22da8c4ae59fa50bfecaf3c5857fe8c0cc5fae7

"This API requires admin privileges. In normal operation, it should not be used at all. API clients like Workbench might not work correctly when a container request references a container that has been deleted."

Actions #9

Updated by Tom Morris about 5 years ago

  • Release set to 27
Actions #10

Updated by Tom Clegg almost 5 years ago

  • Status changed from In Progress to Resolved
Actions

Also available in: Atom PDF