Closed Bug 579355 Opened 15 years ago Closed 15 years ago

Do not return 'null' as storage node for non-existent users

Categories

(Cloud Services Graveyard :: Server: Sync, defect)

Product:
Cloud Services Graveyard
Component:
Server: Sync
Platform:
All
macOS
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: philikon, Assigned: telliott)

Details

Attachments

(3 files, 1 obsolete file)

patch against reg-server-secure (v2)
650 bytes, patch
telliott
: review+
Details | Diff | Splinter Review
patch against reg-server
603 bytes, patch
telliott
: review+
Details | Diff | Splinter Review
Patch to frontend server to differ between non-user and pending user
534 bytes, patch
lorchard
: review+
Details | Diff | Splinter Review
Right now node/weave returns 'null' for both non-existent and throttled users. That means if somebody fat-fingers their username when setting up a new client, the client will happily accept that and just tell them that sync will happen shortly... We should return 'null' only for throttled users and continue to return "No Location" or whatever it was for non-existent users.
Attached patch patch against reg-server-secure (obsolete) — Splinter Review
Attachment #457863 - Flags: review?
Actually, we want to return a 404 when the user doesn't exist so the client knows it's an invalid user name.
Attachment #457863 - Attachment is obsolete: true
Attachment #457869 - Flags: review?
Attachment #457863 - Flags: review?
Here's a patch against reg-server.
Attachment #457870 - Flags: review?(mconnor)
Attachment #457869 - Flags: review? → review?(telliott)
Attachment #457870 - Flags: review?(mconnor) → review?(telliott)
Looks like this needs patching in both reg-server and reg-server-secure. I took a stab here with two patches: http://hg.mozilla.org/users/lorchard_mozilla.com/weaveserver-registration-admin-patches/file/e92b06ee45ee/bug-579355 http://hg.mozilla.org/users/lorchard_mozilla.com/weaveserver-registration-patches/file/1df8f53ae4b3/bug-579355 This reverts to the 404 / No location behavior where a username doesn't exist
Oh, and heh: I just saw philikon's 2 new patches, so you can probably just ignore me.
ugh. This is why I didn't want to be rushed into this fix yesterday. I'll throw something in.
I think this is the cleanest way to do it.
Attachment #457877 - Flags: review?(lorchard)
Comment on attachment 457877 [details] [diff] [review] Patch to frontend server to differ between non-user and pending user Looks good to me - thinking more about it, frontend change should be sufficient without a tweak to the secure backend.
Attachment #457877 - Flags: review?(lorchard) → review+
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED
Where was this fixed? Are we marking bugs as fixed when code is checked in and verified when it's pushed? I believe some websites mark as fixed when pushed to production and verified stays as something for QA to verify. I believe various tags are set in the whiteboard for the next tagged production push, and doing a bugzilla query for that tag makes it easy to mark all as fixed.
We have traditionally been following a model where fixed means that the fix is checked in and verified means verified on stage. If we want to change that, someone needs to come up with an official plan.
Hi, I think there is something wrong with that fix. First, shouldn't it be report_problem("No location", 404); instead of report_problem(404, "No location"); Second, right now this function returns "null", if the user exists and mysql is used for authentification (since get_user_location() of mysql.php always returns false). Is that correct behavior? In my setup this leads to a problem on the client side (Firefox Sync 1.4.2 on FF 3.6.8). If GET https://server/user/1.0/user/node/weave is called and success 200 "null" is returned, the client just stops. No syncing takes place. The "Sync now" option is grayed out. I don't exactly know what the intendet behavior should be like, but I got it working by replacing the line if ($location === false || $location == "null") { if (!$authdb->user_exists()) report_problem("No location", 404); exit("null"); } with if ($location === false || $location == "null") { if (!$authdb->user_exists()) report_problem("No location", 404); else report_problem(WEAVE_ERROR_FUNCTION_NOT_SUPPORTED, 404); } Since in a single box setup the location functionality is not needed, right? It took me hours to figure that out. I hope this helps. Best regards, Prof_NARF
(In reply to comment #12) > I think there is something wrong with that fix. > > First, shouldn't it be report_problem("No location", 404); instead of > report_problem(404, "No location"); You're right, though Toby fixed it already: http://hg.mozilla.org/services/reg-server/rev/edc839afa2e0 > Second, right now this function returns "null", if the user exists and mysql is > used for authentification (since get_user_location() of mysql.php always > returns false). Is that correct behavior? In my setup this leads to a problem > on the client side (Firefox Sync 1.4.2 on FF 3.6.8). If GET > https://server/user/1.0/user/node/weave is called and success 200 "null" is > returned, the client just stops. No syncing takes place. The "Sync now" option > is grayed out. The server should return "null" whenever there isn't a storage node assigned to a user (but the user exists). This can be used to throttle sync for newly signed up users. It seems like the MySQL connector should probably be fixed to support that use case.
Thank you for your very quick reply. But then the supplied test of the registration server seems to be broken. It expects "No location" for an existing user: output_test ("Get user node", $test == json_encode('No location'), $test);
Ugly. I've found the appropriate way to force "No location" from the mysql client and it's pushed. Updating to tip should solve your problem. This is, incidentally, confirmation that the whole "null/No location" spec question was supposed to be "No location" for everything. I have no idea where the null came from.
null is a special value to the client. It means gracefully delay sync until a node is available without failing.
yeah. Unfortunately, putting that in breaks all the clients trying to talk to servers that don't use node allocation :/
Attachment #457869 - Flags: review?(telliott) → review+
Attachment #457870 - Flags: review?(telliott) → review+
Product: Cloud Services → Cloud Services Graveyard
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: