Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 1596036 - The output of #oc adm policy who-can should show errors for wrong input
Summary: The output of #oc adm policy who-can should show errors for wrong input
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Command Line Interface
Version: 3.7.1
Hardware: Unspecified
OS: Unspecified
unspecified
low
Target Milestone: ---
: ---
Assignee: Juan Vallejo
QA Contact: Xingxing Xia
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-06-28 06:24 UTC by Abhishek
Modified: 2018-06-28 15:40 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2018-06-28 15:40:32 UTC
Target Upstream Version:


Attachments (Terms of Use)

Description Abhishek 2018-06-28 06:24:50 UTC
Description of problem:
The output of #oc adm policy who-can with the wrong VERB, RESOURCE and OPTION can mislead the users.

Version-Release number of selected component (if applicable):
3.7 and 3.6

How reproducible:
100%

Steps to Reproduce:
1. oc adm policy who-can sdsadk sslkn -n sdkjasddsfdfhfh12233
2.
3.

Actual results:
Namespace: sdkjasddsfdfhfh12233
Verb:      sdsadk
Resource:  sslkn

Users:  admin
        system:admin

Groups: admin
        system:cluster-admins
        system:masters


Expected results:
There should be an error message for the wrong verb or resource or namespace.

Additional info:

Comment 1 Jordan Liggitt 2018-06-28 15:40:32 UTC
the authorization layer is agnostic to verbs and resources. those could be valid verbs/resources used by an extension api server


Note You need to log in before you can comment on or make changes to this bug.