[
https://issues.apache.org/jira/browse/CLOUDSTACK-7073?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14258470#comment-14258470
]
Alena Prokharchyk commented on CLOUDSTACK-7073:
-----------------------------------------------
1) "I dont agree to this. We have put the customer in this situation due to
this design around the user table to start with. So our cleanup should have
taken care of ideally. So if now we rae adding constraints we need to take care
of the existing schemas.
So this fix is not complete without adding upgrade steps to take care of these
setups."
Prachi, how do you know which user to remove? Remember, the real users stand
behind those records. Only customer can make this call.
2) "Add removed field to the constraint as well to make it work."
Removed field to the constraint won't fix it. You can't have 2 users
"alena"/"doman1"/inactive" in the DB even if both of them are marked as
removed.
3) "I dont think it will be a costly operation"
That has to be determined by looking at the code and doing testing. I dont
recall the details; just remember when I discussed it with Alex, we came to
conclusion that putting the DB lock would be the right idea.
Whoever is going to pick up this bug, should either put the original fix back
in with the additional fixes done on the area, or go the other way - by
implementing the lock. The second should be done only after making enough
research on the topic.
> Account/User creation: able to create user with the same name in the same
> domain in Clustered MS setup
> ------------------------------------------------------------------------------------------------------
>
> Key: CLOUDSTACK-7073
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-7073
> Project: CloudStack
> Issue Type: Bug
> Security Level: Public(Anyone can view this level - this is the
> default.)
> Components: Management Server
> Affects Versions: 4.5.0
> Reporter: Alena Prokharchyk
> Assignee: Alena Prokharchyk
> Fix For: Future
>
>
> In the Java code we prohibit user to have duplicated names inside the same
> domain. But in the DB the constraint is missing in cloud.account/cloud.user
> table, so it is still possible to violate the rule by initiating the create
> call from parallel threads issued either by the same MS, or by multiple MS in
> the clustered MS setup.
> To fix, have to introduce some kind of the global lock, or db constraint
> preventing multiple threads to insert the record with the same username.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
