Details
-
Type:
Bug
-
Status:
Resolved
-
Priority:
Major
-
Resolution: Won't Fix
-
Affects Version/s: 1.6.4
-
Fix Version/s: None
-
Component/s: RESTful-APIs
-
Security Level: Public
-
Labels:None
Description
if I go to /pools/default UNAUTHENTICATED, I get this output:
{"storageTotals":{"ram":{"quotaUsed":3292528640.0,"usedByData":51643360,"total":4117856256.0,"quotaTotal":3292528640.0,"used":2690134016.0},"hdd":{"usedByData":100352,"total":26912194560.0,"quotaTotal":26912194560.0,"used":8611902258.0,"free":18300292302.0}},"name":"default","nodes":[{"uptime":"8552","memoryTotal":2058928128,"memoryFree":707047424,"mcdMemoryReserved":1570,"mcdMemoryAllocated":1570,"clusterMembership":"active","status":"healthy","hostname":"10.1.5.8:8091","clusterCompatibility":1,"version":"1.6.4r_96_ge71d887","os":"x86_64-unknown-linux-gnu","ports":{"proxy":11211,"direct":11210}},{"uptime":"8668","memoryTotal":2058928128,"memoryFree":720674816,"mcdMemoryReserved":1570,"mcdMemoryAllocated":1570,"clusterMembership":"active","status":"healthy","hostname":"10.1.5.9:8091","clusterCompatibility":1,"version":"1.6.4r_96_ge71d887","os":"x86_64-unknown-linux-gnu","ports":{"proxy":11211,"direct":11210}}],"buckets":{"uri":"/pools/default/buckets"},"controllers":{"addNode":{"uri":"/controller/addNode"},"rebalance":{"uri":"/controller/rebalance"},"failOver":{"uri":"/controller/failOver"},"reAddNode":{"uri":"/controller/reAddNode"},"ejectNode":{"uri":"/controller/ejectNode"},"testWorkload":{"uri":"/pools/default/controller/testWorkload"}},"balanced":true,"failoverWarnings":[],"rebalanceStatus":"none","rebalanceProgressUri":"/pools/default/rebalanceProgress","stopRebalanceUri":"/controller/stopRebalance","nodeStatusesUri":"/nodeStatuses","stats":{"uri":"/pools/default/stats"}}
However, providing authentication gives me this:
{"storageTotals":{"ram":{"quotaUsed":3292528640.0,"usedByData":51643360,"total":4117856256.0,"quotaTotal":3292528640.0,"used":2690134016.0},"hdd":{"usedByData":100352,"total":26912194560.0,"quotaTotal":26912194560.0,"used":8611902258.0,"free":18300292302.0}},"name":"default","nodes":[{"uptime":"8563","memoryTotal":2058928128,"memoryFree":707047424,"mcdMemoryReserved":1570,"mcdMemoryAllocated":1570,"otpNode":"ns_1@10.1.5.8","otpCookie":"vrzdjrhvlqrcaovi","clusterMembership":"active","status":"healthy","hostname":"10.1.5.8:8091","clusterCompatibility":1,"version":"1.6.4r_96_ge71d887","os":"x86_64-unknown-linux-gnu","ports":{"proxy":11211,"direct":11210}},{"uptime":"8679","memoryTotal":2058928128,"memoryFree":720674816,"mcdMemoryReserved":1570,"mcdMemoryAllocated":1570,"otpNode":"ns_1@10.1.5.9","otpCookie":"vrzdjrhvlqrcaovi","clusterMembership":"active","status":"healthy","hostname":"10.1.5.9:8091","clusterCompatibility":1,"version":"1.6.4r_96_ge71d887","os":"x86_64-unknown-linux-gnu","ports":{"proxy":11211,"direct":11210}}],"buckets":{"uri":"/pools/default/buckets"},"controllers":{"addNode":{"uri":"/controller/addNode"},"rebalance":{"uri":"/controller/rebalance"},"failOver":{"uri":"/controller/failOver"},"reAddNode":{"uri":"/controller/reAddNode"},"ejectNode":{"uri":"/controller/ejectNode"},"testWorkload":{"uri":"/pools/default/controller/testWorkload"}},"balanced":true,"failoverWarnings":[],"rebalanceStatus":"none","rebalanceProgressUri":"/pools/default/rebalanceProgress","stopRebalanceUri":"/controller/stopRebalance","nodeStatusesUri":"/nodeStatuses","stats":{"uri":"/pools/default/stats"}}
The output is very SLIGHTLY different (specifically otpNode and otpCookie), but it's confusing for the user to not get all the information back.
Is there any reason to leave this URI available to the unauthenticated?
{"storageTotals":{"ram":{"quotaUsed":3292528640.0,"usedByData":51643360,"total":4117856256.0,"quotaTotal":3292528640.0,"used":2690134016.0},"hdd":{"usedByData":100352,"total":26912194560.0,"quotaTotal":26912194560.0,"used":8611902258.0,"free":18300292302.0}},"name":"default","nodes":[{"uptime":"8552","memoryTotal":2058928128,"memoryFree":707047424,"mcdMemoryReserved":1570,"mcdMemoryAllocated":1570,"clusterMembership":"active","status":"healthy","hostname":"10.1.5.8:8091","clusterCompatibility":1,"version":"1.6.4r_96_ge71d887","os":"x86_64-unknown-linux-gnu","ports":{"proxy":11211,"direct":11210}},{"uptime":"8668","memoryTotal":2058928128,"memoryFree":720674816,"mcdMemoryReserved":1570,"mcdMemoryAllocated":1570,"clusterMembership":"active","status":"healthy","hostname":"10.1.5.9:8091","clusterCompatibility":1,"version":"1.6.4r_96_ge71d887","os":"x86_64-unknown-linux-gnu","ports":{"proxy":11211,"direct":11210}}],"buckets":{"uri":"/pools/default/buckets"},"controllers":{"addNode":{"uri":"/controller/addNode"},"rebalance":{"uri":"/controller/rebalance"},"failOver":{"uri":"/controller/failOver"},"reAddNode":{"uri":"/controller/reAddNode"},"ejectNode":{"uri":"/controller/ejectNode"},"testWorkload":{"uri":"/pools/default/controller/testWorkload"}},"balanced":true,"failoverWarnings":[],"rebalanceStatus":"none","rebalanceProgressUri":"/pools/default/rebalanceProgress","stopRebalanceUri":"/controller/stopRebalance","nodeStatusesUri":"/nodeStatuses","stats":{"uri":"/pools/default/stats"}}
However, providing authentication gives me this:
{"storageTotals":{"ram":{"quotaUsed":3292528640.0,"usedByData":51643360,"total":4117856256.0,"quotaTotal":3292528640.0,"used":2690134016.0},"hdd":{"usedByData":100352,"total":26912194560.0,"quotaTotal":26912194560.0,"used":8611902258.0,"free":18300292302.0}},"name":"default","nodes":[{"uptime":"8563","memoryTotal":2058928128,"memoryFree":707047424,"mcdMemoryReserved":1570,"mcdMemoryAllocated":1570,"otpNode":"ns_1@10.1.5.8","otpCookie":"vrzdjrhvlqrcaovi","clusterMembership":"active","status":"healthy","hostname":"10.1.5.8:8091","clusterCompatibility":1,"version":"1.6.4r_96_ge71d887","os":"x86_64-unknown-linux-gnu","ports":{"proxy":11211,"direct":11210}},{"uptime":"8679","memoryTotal":2058928128,"memoryFree":720674816,"mcdMemoryReserved":1570,"mcdMemoryAllocated":1570,"otpNode":"ns_1@10.1.5.9","otpCookie":"vrzdjrhvlqrcaovi","clusterMembership":"active","status":"healthy","hostname":"10.1.5.9:8091","clusterCompatibility":1,"version":"1.6.4r_96_ge71d887","os":"x86_64-unknown-linux-gnu","ports":{"proxy":11211,"direct":11210}}],"buckets":{"uri":"/pools/default/buckets"},"controllers":{"addNode":{"uri":"/controller/addNode"},"rebalance":{"uri":"/controller/rebalance"},"failOver":{"uri":"/controller/failOver"},"reAddNode":{"uri":"/controller/reAddNode"},"ejectNode":{"uri":"/controller/ejectNode"},"testWorkload":{"uri":"/pools/default/controller/testWorkload"}},"balanced":true,"failoverWarnings":[],"rebalanceStatus":"none","rebalanceProgressUri":"/pools/default/rebalanceProgress","stopRebalanceUri":"/controller/stopRebalance","nodeStatusesUri":"/nodeStatuses","stats":{"uri":"/pools/default/stats"}}
The output is very SLIGHTLY different (specifically otpNode and otpCookie), but it's confusing for the user to not get all the information back.
Is there any reason to leave this URI available to the unauthenticated?
Activity
Sean Lynch
made changes -
| Field | Original Value | New Value |
|---|---|---|
| Status | Open [ 1 ] | Resolved [ 5 ] |
| Resolution | Won't Fix [ 2 ] |