Return 404 error if perform an action against a non existent Physical Server

[douglasgabriel]

This PR is able to:

• Fix the error that returns a 200 code if try to perform an action against a non existent PH;
• Return 404 if the ID of the Physical Server doesn't exist.

[douglasgabriel]

Hi @imtayadeway @agrare, could you review this PR?

[douglasgabriel]

@miq-bot add_label gaprindashvili/yes

[abellotti]

while this might be ok for targeting a single resource, this will be incompatible with and break the behavior on bulk requests. Note that for bulk requests, we don't want to interrupt the request mid-flight and return the 404, callers won't know what was, wasn't done. The action result signature while is a 200 has the success attribute which can be queried. This allows us to complete bulk requests even if a couple of resources in the middle of the request do not exist.

[jntullo]

I agree with @abellotti. You may want to look into what has been done on delete, you may be able to do something similar to handle both scenarios if this is required.

[douglasgabriel]

@abellotti and @jntullo I believe that with the changes on here this problem is solved, right?

[jntullo]

@douglasgabriel that update has unintended consequences to other controllers as can be seen by the Travis failures. For now, I would keep the update contained to this particular method.

[douglasgabriel]

Sorry about that @jntullo, I fixed this

[jntullo]

@douglasgabriel can you please add tests? Thanks!

[abellotti]

I think this method should probably go in lib/api/request_adapter.rb, WDYT @jntullo ?

[jntullo]

@abellotti yeah, i agree with that

[douglasgabriel]

@abellotti @jntullo Done 👍

[abellotti]

LGTM. @jntullo ?

[miq-bot]

This pull request is not mergeable. Please rebase and repush.

[abellotti]

ping @imtayadeway @jntullo any updates needed here ?

[imtayadeway]

Thanks for your effort here! This looks agreeable in general....but I think the codeclimate complaints are justified and it would be good to address that in this PR. It's also not clear why you needed to rescue error in multiple places from your single test - I think we need at least one test for every path that's described by your changes here. Thanks!

[imtayadeway]

@douglasgabriel thanks for your patience! It took me a while to work through. I think I can now pinpoint what I was unsure about before: this change introduces a change of behavior for all the different actions that physical servers support, but there's only one test, for one of the actions. We are going to need tests for each action, and also ensure that we have good coverage for each action in the case that we want to preserve (bulk actions always respond with 200) as a prerequisite to getting this merged.

Indeed, the only change that's required for your existing test to pass is the following:

@@ -54,6 +54,9 @@ module Api
 
     def change_resource_state(state, type, id)
       raise BadRequestError, "Must specify an id for changing a #{type} resource" unless id
+      if single_resource? && !collection_class(type).exists?(id)
+        raise NotFoundError
+      end
 
       api_action(type, id) do |klass|
         begin

And I think that might be OK, too. You'll need to add something similar to the refresh action. In a pinch, you could extract that into a private method (though try to avoid using predicate methods as guard clauses, as you have with id_present?. ensure_id_present or similar would be better). I'd recommend trying to do that instead of trying to refactor refreshes to be a kind of state change. Even though there's incidental duplication there, that's OK - a refresh is not a state change per se and the implementation might change for different reasons to the other actions.

[douglasgabriel]

Hm, good point and good suggestion, I agree with you

[douglasgabriel]

It's done @imtayadeway 👍

[abellotti]

why is this method needed ? resource_search would throw the NotFoundError plus do the necessary RBAC validation.

[imtayadeway]

@abellotti it does, but we don't want it caught by the api_action block, which will always respond with a 200. Performing another resource_search would be unnecessarily expensive if we only want to check for existence.

@douglasgabriel you may want to use our own NotFoundError here

[imtayadeway]

I think it would be OK not to extract this into a private method, since that alters the message to talk about "changing" here, instead of "refreshing". Again, I think it's an acceptable structural similarity.

[imtayadeway]

I think it may be more appropriate to say:

ensure_resource_exists(type, id) if single_request?

Since we're trying to express that we don't care if a resource exists at this point for a bulk operation, because it's handled elsewhere.

[imtayadeway]

Was there a reason this was moved? I think it would be better to leave it here if it is not essential to fixing the bug

[douglasgabriel]

Well, ok. it was just for code organization reason

[miq-bot]

Checked commit douglasgabriel@124743a with ruby 2.3.3, rubocop 0.47.1, haml-lint 0.20.0, and yamllint 1.10.0
2 files checked, 0 offenses detected
Everything looks fine. ⭐

[imtayadeway]

Thanks @douglasgabriel for your work on this! LGTM

[douglasgabriel]

Thank you for the support 👍

[simaishi]

Gaprindashvili backport details:

$ git log -1
commit a5e20f83f4b4a760e4e1b839589a3496ed17e7e2
Author: Chris Arcand <chrisarcand@users.noreply.github.com>
Date:   Mon Dec 18 08:42:29 2017 -0600

    Merge pull request #202 from douglasgabriel/XCS-503
    
    Return 404 error if perform an action against a non existent Physical Server
    (cherry picked from commit d17fd1859f46e7fb83f1ef604418efc669a3550d)