Skip to content

Filter dedicated and non-dedicated VLAN in API listPublicIPAddresses#5533

Closed
GutoVeronezi wants to merge 3 commits into
apache:mainfrom
scclouds:filter-vlans-in-api-listpublicipaddresses
Closed

Filter dedicated and non-dedicated VLAN in API listPublicIPAddresses#5533
GutoVeronezi wants to merge 3 commits into
apache:mainfrom
scclouds:filter-vlans-in-api-listpublicipaddresses

Conversation

@GutoVeronezi
Copy link
Copy Markdown
Contributor

@GutoVeronezi GutoVeronezi commented Sep 29, 2021
edited
Loading

Description

In ACS, when we are listing public IPs to allocate, to a VPC, for instance, all IPs are listed, even the ones dedicated to an account different from the one that is calling the API. If we tried to allocate an IP dedicated to another account, ACS would return an error. Therefore, this PR intends to filter dedicated and non-dedicated VLANs in API listPublicIPAddresses.

Types of changes

  • Breaking change (fix or feature that would cause existing functionality to change)
  • New feature (non-breaking change which adds functionality)
  • Bug fix (non-breaking change which fixes an issue)
  • Enhancement (improves an existing feature and functionality)
  • Cleanup (Code refactoring and cleanup, that may add test cases)

Feature/Enhancement Scale or Bug Severity

Feature/Enhancement Scale

  • Major
  • Minor

How Has This Been Tested?

I added unit tests and tested locally, in a test lab.

  1. Created VPCs to account A and B;
  2. Dedicated some IPs to A and someto B`;
  3. Enabled non-dedicated VLANs to A;
  4. Before this change, account A would see non-dedicated and B's IPs and B would see non-dedicated and A's IPs. After this change, A only can see its IPs and non-dedicated and B only see its IPs as well.

@weizhouapache
Copy link
Copy Markdown
Member

weizhouapache commented Sep 29, 2021

@GutoVeronezi
have you tested with latest main/master ?
#5464 might have already solved the problem.

@GutoVeronezi
Copy link
Copy Markdown
Contributor Author

GutoVeronezi commented Sep 29, 2021

@weizhouapache #5464 seems to refer only in duplicated IPs, not in VLAN filtering.

@weizhouapache
Copy link
Copy Markdown
Member

weizhouapache commented Sep 30, 2021

@weizhouapache #5464 seems to refer only in duplicated IPs, not in VLAN filtering.

@GutoVeronezi
can you please test it ?
with #5464 , user can only view the ips allocated to the account, and all dedicated ips (and/or system ips) the user can use, not all ips.
if the issue still exists, please rebase against latest main (build fails for now).

@ravening
Copy link
Copy Markdown
Member

ravening commented Sep 30, 2021

@weizhouapache @GutoVeronezi if i remember properly, a domain admin or user can list only the public ip belonging to his/her account. only root admin can list all ip. are you assigning as root admin?

@sureshanaparti sureshanaparti reopened this Oct 1, 2021
@weizhouapache
Copy link
Copy Markdown
Member

weizhouapache commented Oct 1, 2021

@GutoVeronezi
can you please describe how to reproduce the issue and test with latest 4.15 or main ?
please also have a look at jenkins and travis failures.
thanks.

@GutoVeronezi
Copy link
Copy Markdown
Contributor Author

GutoVeronezi commented Oct 5, 2021

@GutoVeronezi can you please describe how to reproduce the issue and test with latest 4.15 or main ? please also have a look at jenkins and travis failures. thanks.

@weizhouapache

  • Failures solved.
  • I will test with main soon.

To reproduce the issue:

  1. Create two accounts: A and B (Domain Admin);
  2. Create VPCs to the accounts;
  3. Dedicate some IPs to A and some to B;
  4. Enable non-dedicated VLANs to A;
  • Before this change:
    5. If we login with account A we will see non-dedicated, A and B IPs;
    6. If we login with account B we will see non-dedicated, B and A IPs.
  • After this change:
    5. If we login with account A we will see only non-dedicated and A IPs;
    6. If we login with account B we will see only B IPs.

@weizhouapache
Copy link
Copy Markdown
Member

weizhouapache commented Oct 6, 2021

@GutoVeronezi can you please describe how to reproduce the issue and test with latest 4.15 or main ? please also have a look at jenkins and travis failures. thanks.

@weizhouapache

  • Failures solved.
  • I will test with main soon.

To reproduce the issue:

  1. Create two accounts: A and B (Domain Admin);
  2. Create VPCs to the accounts;
  3. Dedicate some IPs to A and some to B;
  4. Enable non-dedicated VLANs to A;
  • Before this change:
    5. If we login with account A we will see non-dedicated, A and B IPs;
    6. If we login with account B we will see non-dedicated, B and A IPs.
  • After this change:
    5. If we login with account A we will see only non-dedicated and A IPs;
    6. If we login with account B we will see only B IPs.

@GutoVeronezi
As I said before, can you please test with latest main ? I think this has been fixed by #5464

weizhouapache
weizhouapache requested changes Oct 6, 2021
View reviewed changes
Copy link
Copy Markdown
Member

@weizhouapache weizhouapache left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

please check with latest main branch, and verify the fix if the issue can be reproduced.
please fix the jenkins/travis failures.

@GutoVeronezi
Copy link
Copy Markdown
Contributor Author

GutoVeronezi commented Oct 11, 2021

@weizhouapache I built and tested PR #5464 and it solved this problem. I'll close this PR, thanks for the tip.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@weizhouapache weizhouapache weizhouapache requested changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@GutoVeronezi @weizhouapache @ravening @sureshanaparti