[jira] [Updated] (CLOUDSTACK-7073) Account/User creation: able to create user with the same name in the same domain in Clustered MS setup

Mon, 07 Jul 2014 10:45:13 -0700 

     [ 
https://issues.apache.org/jira/browse/CLOUDSTACK-7073?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Alena Prokharchyk updated CLOUDSTACK-7073:
------------------------------------------

    Description: 
In the Java code we prohibit user to have duplicated names inside the same 
domain. But in the DB the constraint is missing in cloud.account/cloud.user 
table, so it is still possible to violate the rule by initiating the create 
call from parallel threads issued either by the same MS, or by multiple MS in 
the clustered MS setup.

To fix, have to introduce some kind of the global lock, or db constraint 
preventing multiple threads to insert the record with the same username.


  was:
In the Java code we prohibit user/account to have duplicated names inside the 
same domain. But in the DB the constraint is missing in 
cloud.account/cloud.user table, so it is still possible to violate the rule by 
initiating the create call from parallel threads issued either by the same MS, 
or by multiple MS in the clustered MS setup.

To fix:

a) in cloud.account table, add constraint on "account_name"/"domain_id" combo. 
It will fix createAccount call.

b) for the user creation, issue global lock on the corresponding account 
object. 


> Account/User creation: able to create user with the same name in the same 
> domain in Clustered MS setup
> ------------------------------------------------------------------------------------------------------
>
>                 Key: CLOUDSTACK-7073
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-7073
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the 
> default.) 
>          Components: Management Server
>    Affects Versions: 4.5.0
>            Reporter: Alena Prokharchyk
>            Assignee: Alena Prokharchyk
>             Fix For: 4.5.0
>
>
> In the Java code we prohibit user to have duplicated names inside the same 
> domain. But in the DB the constraint is missing in cloud.account/cloud.user 
> table, so it is still possible to violate the rule by initiating the create 
> call from parallel threads issued either by the same MS, or by multiple MS in 
> the clustered MS setup.
> To fix, have to introduce some kind of the global lock, or db constraint 
> preventing multiple threads to insert the record with the same username.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Reply via email to