Bug #15656
[API] container requests can have broken references to containers
100%
Description
The database does not enforce foreign key consistency on the container_uuid column. It is possible to delete a container that has container requests referring to it. If a container request has a reference to a container record that no longer exists, clients such as workbench break badly.
Related, it is intended that normal (non-admin) users cannot delete container records, but that may be missing a permission check.
Subtasks
Associated revisions
Merge branch '15656-user-delete-container'
refs #15656
Arvados-DCO-1.1-Signed-off-by: Tom Clegg <tclegg@veritasgenetics.com>
Merge branch '15656-user-delete-container'
refs #15656
Arvados-DCO-1.1-Signed-off-by: Tom Clegg <tclegg@veritasgenetics.com>
History
#1
Updated by Peter Amstutz over 2 years ago
- Status changed from New to In Progress
#2
Updated by Peter Amstutz over 2 years ago
- Description updated (diff)
#3
Updated by Peter Amstutz over 2 years ago
- Status changed from In Progress to New
#4
Updated by Tom Clegg over 2 years ago
15656-user-delete-container @ 5fef2516e249671d288b35ba99a3c6730de0be91 -- https://ci.curoverse.com/view/Developer/job/developer-run-tests/1550/
#5
Updated by Tom Clegg over 2 years ago
15656-user-delete-container @ 55e5a470d6430d2026b94892112be6d985bcef09 -- https://ci.curoverse.com/view/Developer/job/developer-run-tests/1567/
#6
Updated by Tom Clegg over 2 years ago
- Status changed from New to In Progress
- Assigned To set to Tom Clegg
- Target version changed from To Be Groomed to 2019-10-09 Sprint
#7
Updated by Eric Biagiotti over 2 years ago
- Would an update to the delete method doc (https://doc.arvados.org/v1.4/api/methods/containers.html) saying that this is an admin only method and will break things if a container request still refers to it be helpful?
- If we are doing a 1.4.2 release, should this be included?
Other than that, this LGTM.
#8
Updated by Tom Clegg over 2 years ago
15656-user-delete-container @ d22da8c4ae59fa50bfecaf3c5857fe8c0cc5fae7
"This API requires admin privileges. In normal operation, it should not be used at all. API clients like Workbench might not work correctly when a container request references a container that has been deleted."
#9
Updated by Tom Morris over 2 years ago
- Release set to 27
#10
Updated by Tom Clegg over 2 years ago
- Status changed from In Progress to Resolved
Merge branch '15656-user-delete-container'
refs #15656
Arvados-DCO-1.1-Signed-off-by: Tom Clegg <tclegg@veritasgenetics.com>