[jira] [Created] (RANGER-4314) delete nonexistent user return different status code

Wed, 12 Jul 2023 21:39:04 -0700 

geehanlin created RANGER-4314:
---------------------------------

             Summary: delete nonexistent  user return different status code
                 Key: RANGER-4314
                 URL: https://issues.apache.org/jira/browse/RANGER-4314
             Project: Ranger
          Issue Type: Bug
          Components: admin
            Reporter: geehanlin


h2. Prerequistes:

user is not exists, with userId as 93 and username as "user1"
h2. Behavior:

 

call {*}service/xusers/users/93?forceDelete=true{*}, return 404 with no content

 

call {*}xusers/secure/users/user1?forceDelete=true{*}, return 400 with "Data 
not found" message

 

After investigating the code process, the correct response should be 400 with 
error message, the first one does not correctly check the exisitent of user.
h2. Call detail: 

 

404 without error message

```bash
[root@tcs-172-16-48-140 gee]# curl -u admin:admin -H "Accept: application/json" 
-H "Content-Type: application/json" -v -i -s -X DELETE 
http://127.0.0.1:6080/service/xusers/users/93?forceDelete=true
* About to connect() to 127.0.0.1 port 6080 (#0)
* Trying 127.0.0.1...
* Connected to 127.0.0.1 (127.0.0.1) port 6080 (#0)
* Server auth using Basic with user 'admin'
> DELETE /service/xusers/users/93?forceDelete=true HTTP/1.1
> Authorization: Basic YWRtaW46YWRtaW4=
> User-Agent: curl/7.29.0
> Host: 127.0.0.1:6080
> Accept: application/json
> Content-Type: application/json
>
< HTTP/1.1 404 Not Found
HTTP/1.1 404 Not Found
< Set-Cookie: RANGERADMINSESSIONID=9CEC9ABBA4173C2076E0F05B93EAA144; Path=/; 
HttpOnly
Set-Cookie: RANGERADMINSESSIONID=9CEC9ABBA4173C2076E0F05B93EAA144; Path=/; 
HttpOnly
< X-Frame-Options: DENY
X-Frame-Options: DENY
< X-XSS-Protection: 1; mode=block
X-XSS-Protection: 1; mode=block
< Strict-Transport-Security: max-age=31536000; includeSubDomains
Strict-Transport-Security: max-age=31536000; includeSubDomains
< Content-Security-Policy: default-src 'none'; script-src 'self' 
'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 'self'; style-src 
'self' 'unsafe-inline';font-src 'self'
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 
'unsafe-eval'; connect-src 'self'; img-src 'self'; style-src 'self' 
'unsafe-inline';font-src 'self'
< Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
< Pragma: no-cache
Pragma: no-cache
< Expires: 0
Expires: 0
< X-Content-Type-Options: nosniff
X-Content-Type-Options: nosniff
< Content-Length: 0
Content-Length: 0
< Date: Tue, 11 Jul 2023 08:05:54 GMT
Date: Tue, 11 Jul 2023 08:05:54 GMT
< Server: Apache Ranger
Server: Apache Ranger


<
* Connection #0 to host 127.0.0.1 left intact
```
h3. 
400 with error message

 

```
curl-uadmin:admin-H"Accept: application/json"-H"Content-Type: 
application/json"-v-i-s-XDELETEhttp://127.0.0.1:6080/service/xusers/secure/users/user1?forceDelete=true
* About to connect() to 127.0.0.1 port 6080 (#0)
* Trying 127.0.0.1...
* Connected to 127.0.0.1 (127.0.0.1) port 6080 (#0)
* Server auth using Basic with user 'admin'
> DELETE /service/xusers/secure/users/user1?forceDelete=true HTTP/1.1
> Authorization: Basic YWRtaW46YWRtaW4=
> User-Agent: curl/7.29.0
> Host: 127.0.0.1:6080
> Accept: application/json
> Content-Type: application/json
>
< HTTP/1.1 400 Bad Request
HTTP/1.1 400 Bad Request
< Set-Cookie: RANGERADMINSESSIONID=3A04E53787B60ED0B7D3789970B8A178; Path=/; 
HttpOnly
Set-Cookie: RANGERADMINSESSIONID=3A04E53787B60ED0B7D3789970B8A178; Path=/; 
HttpOnly
< X-Frame-Options: DENY
X-Frame-Options: DENY
< X-XSS-Protection: 1; mode=block
X-XSS-Protection: 1; mode=block
< Strict-Transport-Security: max-age=31536000; includeSubDomains
Strict-Transport-Security: max-age=31536000; includeSubDomains
< Content-Security-Policy: default-src 'none'; script-src 'self' 
'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 'self'; style-src 
'self' 'unsafe-inline';font-src 'self'
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 
'unsafe-eval'; connect-src 'self'; img-src 'self'; style-src 'self' 
'unsafe-inline';font-src 'self'
< Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
< Pragma: no-cache
Pragma: no-cache
< Expires: 0
Expires: 0
< X-Content-Type-Options: nosniff
X-Content-Type-Options: nosniff
< Content-Type: application/json
Content-Type: application/json
< Transfer-Encoding: chunked
Transfer-Encoding: chunked
< Date: Tue, 11 Jul 2023 07:39:45 GMT
Date: Tue, 11 Jul 2023 07:39:45 GMT
< Connection: close
Connection: close
< Server: Apache Ranger
Server: Apache Ranger


<
* Closing connection 0
{"statusCode":1,"msgDesc":"user1 is Not 
Found","messageList":[\{"name":"DATA_NOT_FOUND","rbKey":"xa.error.data_not_found","message":"Data
 not found"}]}
```



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to