Project

General

Profile

Actions

Bug #28166

open

apidoc says settings can be organization/location scoped, while they can't

Added by Evgeni Golov over 4 years ago. Updated over 4 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
API
Target version:
-
Difficulty:
Triaged:
No
Fixed in Releases:
Found in Releases:

Description

https://theforeman.org/api/1.23/apidoc/v2/settings/index.html says that you can pass organization_id and location_id while indexing settings, but you really can't:

# GET /api/v2/settings?organization_id=1
{
  "error": {"message":"Association not found for organization"}
}

# GET /api/v2/settings?location_id=1
{
  "error": {"message":"Association not found for location"}
}

Related issues 1 (0 open1 closed)

Related to Foreman - Bug #22403: Every API request should allow specifying taxonomy contextClosedMarek Hulán01/24/2018Actions
Actions #1

Updated by Martin Bacovsky over 4 years ago

Adding some notes...

The taxonomies in apidoc is comming from https://github.com/theforeman/foreman/blob/develop/app/controllers/api/v2/base_controller.rb#L10-L11. I believe the original intention was to make it on par with UI where you heve org/loc set in the selector even if you manipulate with non-taxable resources such as Settings. I believe it does not apply if the resource is not taxable but the scope is set for the request in case there are some related operations that use taxable resources.

The error on the server sais:

...
15:24:37 rails.1   | 2019-10-31T15:24:37 [D|app|62cc1437] Backtrace for 'Action failed' error (RuntimeError): Association not found for organization
15:24:37 rails.1   |  | /home/vagrant/foreman/app/controllers/api/base_controller.rb:81:in `parent_scope'
15:24:37 rails.1   |  | /home/vagrant/foreman/app/controllers/api/base_controller.rb:67:in `resource_scope'
15:24:37 rails.1   |  | /home/vagrant/foreman/app/controllers/api/v2/settings_controller.rb:11:in `index'
...

Actions #2

Updated by Evgeni Golov over 4 years ago

@Martin Englund, as promised on Thursday, here a few details how I stumbled over this.

In Foreman Ansible Modules, we have a module (foreman_search_facts) that is basically a "given a resource type, and an optional search string, return the result of the search operation", so e.g. a call with "resource=settings" will return all Foreman settings and their values.

Now in Katello, some resources are explicitly scoped to an Organization, and to list them you need to pass the organization ID to the request. To accommodate for that, we added two new module options: params (to pass arbitrary params) and organization (to pass an organization id) to the request. That works perfectly with Katello resources and regularly scoped Foreman ones, but with settings you see the above error, as settings are not really scoped.

We tried to remove all params that are not listed in the apidoc when doing the API call, but as settings (wrongly, imho) lists organization_id and location_id there, these are not removed and the user still faces the error.

You could (rightfully) argue, that because settings are not scoped, the user should not pass an organization when calling the module, but I think the module should be smarter than the user and filter the input ;)

Hope this clears the background a bit. If not, hit me up on IRC and we can talk further.

Actions #4

Updated by Evgeni Golov over 4 years ago

  • Related to Bug #22403: Every API request should allow specifying taxonomy context added
Actions

Also available in: Atom PDF