[
https://issues.apache.org/jira/browse/CLOUDSTACK-6570?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13989123#comment-13989123
]
Ove Ewerlid commented on CLOUDSTACK-6570:
-----------------------------------------
Patch used to fix this issue;
{noformat}
diff -r -c
cloudstack/api/src/org/apache/cloudstack/api/command/admin/user/UpdateUserCmd.java
cloudstack.changed/api/src/org/apache/cloudstack/api/command/admin/user/UpdateUserCmd.java
***
cloudstack/api/src/org/apache/cloudstack/api/command/admin/user/UpdateUserCmd.java
2014-04-26 23:20:19.045203699 +0200
---
cloudstack.changed/api/src/org/apache/cloudstack/api/command/admin/user/UpdateUserCmd.java
2014-04-27 01:40:39.899326128 +0200
***************
*** 45,51 ****
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
! @Parameter(name = ApiConstants.API_KEY, type = CommandType.STRING,
description = "The API key for the user. Must be specified with userSecretKey")
private String apiKey;
@Parameter(name = ApiConstants.EMAIL, type = CommandType.STRING,
description = "email")
--- 45,51 ----
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
! @Parameter(name = ApiConstants.USER_API_KEY, type = CommandType.STRING,
description = "The API key for the user. Must be specified with userApiKey")
private String apiKey;
@Parameter(name = ApiConstants.EMAIL, type = CommandType.STRING,
description = "email")
***************
*** 65,71 ****
description = "Clear text password (default hashed to
SHA256SALT). If you wish to use any other hasing algorithm, you would need to
write a custom authentication adapter")
private String password;
! @Parameter(name = ApiConstants.SECRET_KEY, type = CommandType.STRING,
description = "The secret key for the user. Must be specified with userApiKey")
private String secretKey;
@Parameter(name = ApiConstants.TIMEZONE,
--- 65,71 ----
description = "Clear text password (default hashed to
SHA256SALT). If you wish to use any other hasing algorithm, you would need to
write a custom authentication adapter")
private String password;
! @Parameter(name = ApiConstants.SECRET_KEY, type = CommandType.STRING,
description = "The secret key for the user. Must be specified with
userSecretKey")
private String secretKey;
@Parameter(name = ApiConstants.TIMEZONE,
{noformat}
> API breakage of the UpdateUser API call
> ---------------------------------------
>
> Key: CLOUDSTACK-6570
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-6570
> Project: CloudStack
> Issue Type: Bug
> Security Level: Public(Anyone can view this level - this is the
> default.)
> Components: API
> Affects Versions: 4.4.0
> Environment: Any, the UpdateUser API call is environment independent
> Reporter: Ove Ewerlid
> Priority: Blocker
> Labels: easyfix
> Fix For: 4.4.0, 4.5.0
>
>
> 44 adds USER_API_KEY in ./api/src/org/apache/cloudstack/api/ApiConstants.java
> and changes the value of API_KEY. Since API_KEY value is exposed in the
> UpdateUser API, the API breaks. Up until 4.3, KEYs to UpdateUser were passed
> via parameters;
> * userapikey
> * usersecretkey
> with 44 this changes to;
> * apikey
> * usersecretkey
>
--
This message was sent by Atlassian JIRA
(v6.2#6252)
