Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: 2.11.0 GA
Affects Version/s: SaaS, 2.9.1 GA
Component/s: System
Labels:
- 2.11-candidate2
- support

Blocked:
False
Ready:
False
3Scale PT Tested upstream:
Not Started
3scale PT Docs:
Not Started
3scale PT Product Specs:
Not Started
3scale PT Product Update Ready:
Not Started
3scale PT Released In Saas:
Not Started
3scale PT Verified Product:
Not Started
Doc Required:
No
Release Note Text:
Undefined
Workaround:

Workaround Exists
Workaround Description:
Hide

Copy the _usage_rules.html.slim file:

oc rsh -c system-provider system-app-<pod-id> cat /opt/system/app/views/api/services/forms/_usage_rules.html.slim > _usage_rules.html.slim

Change the copied _usage_rules.html.slim file from lines 9 to 18, it should look like this:

- if @service.backend_version == "2" = form.input :buyers_manage_keys = form.input :mandatory_app_key - if @service.backend_version > "2" = form.input :buyer_key_regenerate_enabled = form.input :referrer_filters_required, as: :boolean = form.input :custom_keys_enabled

Create a ConfigMap, i.e. "usage-rules" and attach it as volume in system-app:

oc create configmap usage-rules --from-file=_usage_rules.html.slim oc set volume dc/system-app --add --name=usage-rules-form -m=/opt/system/app/views/api/services/forms/_usage_rules.html.slim --sub-path=_usage_rules.html.slim -t configmap --configmap-name=usage-rules

Copy the en.yml file:

oc rsh -c system-provider system-app-20-rzrw7 cat /opt/system/config/locales/en.yml > en.yml

Change this line in en.yml to:

buyer_key_regenerate_enabled: "Allow developers to regenerate Client Secret"

Create a ConfigMap, i.e. "regenerate-definition" and attach it as volume in system-app:

oc create configmap regenerate-definition --from-file=en.yml oc set volume dc/system-app --add --name=regenerate-definition-change -m=/opt/system/config/locales/en.yml --sub-path=en.yml -t configmap --configmap-name=regenerate-definition

Redeploy system-app if it hasn't redeployed automatically

After system-app is redeployed check that "Allow developers to regenerate Client Secret" appears in the Usage Rules and the red "Regenerate" button is not rendered in the developer portal when "Allow developers to regenerate Client Secret" is disabled.
Show
Copy the _usage_rules.html.slim file: oc rsh -c system-provider system-app-<pod-id> cat /opt/system/app/views/api/services/forms/_usage_rules.html.slim > _usage_rules.html.slim Change the copied _usage_rules.html.slim file from lines 9 to 18, it should look like this: - if @service.backend_version == "2" = form.input :buyers_manage_keys = form.input :mandatory_app_key - if @service.backend_version > "2" = form.input :buyer_key_regenerate_enabled = form.input :referrer_filters_required, as: : boolean = form.input :custom_keys_enabled Create a ConfigMap, i.e. "usage-rules" and attach it as volume in system-app: oc create configmap usage-rules --from-file=_usage_rules.html.slim oc set volume dc/system-app --add --name=usage-rules-form -m=/opt/system/app/views/api/services/forms/_usage_rules.html.slim --sub-path=_usage_rules.html.slim -t configmap --configmap-name=usage-rules Copy the en.yml file: oc rsh -c system-provider system-app-20-rzrw7 cat /opt/system/config/locales/en.yml > en.yml Change this line in en.yml to: buyer_key_regenerate_enabled: "Allow developers to regenerate Client Secret" Create a ConfigMap, i.e. "regenerate-definition" and attach it as volume in system-app: oc create configmap regenerate-definition --from-file=en.yml oc set volume dc/system-app --add --name=regenerate-definition-change -m=/opt/system/config/locales/en.yml --sub-path=en.yml -t configmap --configmap-name=regenerate-definition Redeploy system-app if it hasn't redeployed automatically After system-app is redeployed check that "Allow developers to regenerate Client Secret" appears in the Usage Rules and the red "Regenerate" button is not rendered in the developer portal when "Allow developers to regenerate Client Secret" is disabled.
Market:

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Current behaviour

Service with OIDC authentication mode.
Under Service > Applications - Settings > Usage Rules it is possible to disable the ability to manage keys for the developers in the developer portal.
When Developers can manage Keys is disabled, the red “Regenerate” button is printed in the developer portal.
When clicking the “Regenerate” button in the developer portal it is displayed “Access denied” with the application background. See screenshot attached (access denied error.png).

Expected behaviour

According to liquid statement the regenerate button shouldn’t be printed when Developers can manage Keys is disabled. See screenshot attached (client secret cannot be regenerated.png)
Allow developers to regenerate access key should be replace by “Allow developers to regenerate Client secrets”. See screenshot attached (fix usage rule definition.png).

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List
  - Download All

Fix_usage_rule_definition.png
2020/11/03 9:08 AM
45 kB
Anna Vila Tusell
client secret cannot be regenerated.png
2020/11/03 9:02 AM
92 kB
Anna Vila Tusell
access denied error.png
2020/11/03 9:01 AM
217 kB
Anna Vila Tusell

relates to

THREESCALE-6296 Redundant feature in usage rules when using app_id & app_key mode

Closed

links to

Regenerating the Client Secret in the Developer portal if the feature is disabled results in a wrong rendering

Assignee:: Unassigned

Reporter:: Anna Vila Tusell

Tester:: Alexander Zgabur

Developer:: Anna Vila Tusell

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2020/11/03 8:55 AM

Updated:: 2024/03/25 6:52 PM

Resolved:: 2021/10/21 1:04 PM

Details

Description

Attachments

Attachments

Issue Links

Activity

People

Dates

Hide