Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

API returning 404 when attempting to create/update ACL policy with invalid rules #15986

Closed
gbolo opened this issue Jan 31, 2023 · 2 comments · Fixed by #16000
Closed

API returning 404 when attempting to create/update ACL policy with invalid rules #15986

gbolo opened this issue Jan 31, 2023 · 2 comments · Fixed by #16000
Assignees
@jrasell
Labels
type/bug
Projects
Nomad - Community Issues Triage

Comments

@gbolo
Copy link

gbolo commented Jan 31, 2023

Nomad version

Nomad v1.4.3 (f464aca721d222ae9c1f3df643b3c3aaa20e2da7)

Issue

when attempting to modify an ACL policy with invalid rules syntax, you will receive a 404 instead of a more appropriate status code like 400 or something.

Reproduction steps

create a an ACL policy, then retreive it to confirm it's presence:

http -v 127.0.0.1:4646/v1/acl/policy/gbolo-test 'X-Nomad-Token:<redacted>'
...
HTTP/1.1 200 OK
Content-Encoding: gzip
Content-Length: 489
Content-Type: application/json
Date: Tue, 31 Jan 2023 17:58:15 GMT
Vary: Accept-Encoding
X-Nomad-Index: 855
X-Nomad-Knownleader: true
X-Nomad-Lastcontact: 0

{
    "CreateIndex": 783,
    "Description": "testing2",
    "Hash": "QyBlyewLb7DAWDr4aZTy769phBId/afhyj7Y+gSVxQo=",
    "JobACL": null,
    "ModifyIndex": 855,
    "Name": "gbolo-test",
...

Then try to modify it with invalid rules:

http -v 127.0.0.1:4646/v1/acl/policy/gbolo-test Name=gbolo-test rules=bar 'X-Nomad-Token:<redacted>'

POST /v1/acl/policy/gbolo-test HTTP/1.1
...

{
    "Name": "gbolo-test",
    "rules": "invalid"
}


HTTP/1.1 404 Not Found
Content-Encoding: gzip
Content-Length: 150
Date: Tue, 31 Jan 2023 18:00:24 GMT
Vary: Accept-Encoding

policy 0 invalid: 1 error occurred:
	* failed to parse rules: Failed to parse ACL Policy: At 1:9: key 'invalid' expected start of object ('{') or assignment ('=')

Expected Result

Not sure if this was intentional or not, just opening an issue in case this was not the desired behaviour. I couldn't find any mention about the expected response in the documentation, its just completely missing.

Judging by the output, it looks like the server is aware that the client sent invalid input, so perhaps changing the status code won't be too difficult? Feel free to close this issue if this is the expected behaviour.
@gbolo gbolo added the type/bug label Jan 31, 2023
@gbolo
Copy link
Author

gbolo commented Jan 31, 2023

pinging you @jrasell as perhaps you are already working close to this code in response to #15960

@jrasell
Copy link
Member

jrasell commented Feb 1, 2023

Hi @gbolo and thanks for raising this. Yeah I am in that general area and this looks like a trivial fix, so I'll look into this.

@jrasell jrasell self-assigned this Feb 1, 2023
@jrasell jrasell mentioned this issue Feb 1, 2023
Merged
@jrasell jrasell added this to Needs Triage in Nomad - Community Issues Triage via automation Feb 1, 2023
@jrasell jrasell moved this from Needs Triage to In Progress in Nomad - Community Issues Triage Feb 1, 2023
Nomad - Community Issues Triage automation moved this from In Progress to Done Feb 1, 2023
This was referenced Feb 1, 2023
Merged
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jrasell jrasell

Labels
type/bug
Projects
Nomad - Community Issues Triage
Done
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

acl: return 400 not 404 code when creating an invalid policy. hashicorp/nomad
2 participants
@jrasell @gbolo