Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Sequential IDs #86

Closed
athu-tran opened this issue Sep 16, 2020 · 3 comments
Closed

Sequential IDs #86

athu-tran opened this issue Sep 16, 2020 · 3 comments
Labels
final final issue state user story Issues that follow user story format in order to describe community needs
Milestone
ID Reservation Se...

Comments

@athu-tran
Copy link
Contributor

User story: As a user from a CNA or CNA-LR, I want to be able to reserve multiple IDs and for them to be in sequential order so that I can publish related CVEs with sequential IDs for my customers.
AC:
Given that a user specifies an amount greater than 1 and for the batch to be sequential, then the system reserves a sequence of CVE IDs equal to the amount specified and includes them in the response.

Historical Requirements Mapping
R3: Reservations can be requested and assigned in either a random (default) or sequential based on the request. Note: Random is not the default, user must specify if the request is sequential/non-sequential
R4: Reservations can be requested and assigned as a single (default) or block of CVE IDs
R5: Reservations are tracked to the requesting authorized CVE user and CNA organization
@athu-tran athu-tran mentioned this issue Sep 16, 2020
Closed
@athu-tran athu-tran added draft Initial issue state user story Issues that follow user story format in order to describe community needs labels Sep 16, 2020
@mprpic
Copy link
Contributor

mprpic commented Sep 22, 2020

Can this story specify what happens if the requested amount of sequential CVEs exceeds the length of any available sequences of CVEs in the CNA's quota? An extreme example: a CNA has a quota of 10 CVEs; the first request asks for 6 sequential CVEs, it succeeds; the next request asking for another 6 should fail, a request for 4 should succeed.

@athu-tran
Copy link
Contributor Author

Can this story specify what happens if the requested amount of sequential CVEs exceeds the length of any available sequences of CVEs in the CNA's quota? An extreme example: a CNA has a quota of 10 CVEs; the first request asks for 6 sequential CVEs, it succeeds; the next request asking for another 6 should fail, a request for 4 should succeed.

@mprpic The response from the development team is below:
With that situation in mind, a user would first, encounter an error message from the "request asking for another 6". Then, if, and only if the user makes new request for 4, since 4 is within the CNA quota then the request would succeed.
If a CNA requests more IDs than its ID quota the 404 error message will be "The amount requested would exceed the organization's ID quota. No more IDs can be reserved until the number of IDs in the Reserved state goes below the ID quota or the ID quota is raised. If you feel you are receiving this message in error, please contact support." A header in the response will indicate the amount of IDs the CNA can reserve given its ID quota limit.

@mattrbianchi
Copy link
Contributor

Technically, the code will be a 403 because reserving above your quota is forbidden.

@athu-tran athu-tran added final final issue state and removed draft Initial issue state labels Oct 2, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
final final issue state user story Issues that follow user story format in order to describe community needs
Projects
None yet
Milestone
ID Reservation Service (IDR) Phase 1
Development

No branches or pull requests
3 participants
@mprpic @mattrbianchi @athu-tran