Bug #13598
closedradosgw-admin: inconsistency in uid/email handling
0%
Description
Hi,
when using radosgw-admin to create users, the 'uid' is not treated as sole unique constraint of the to-be-added user in question, but the email is.
Now while this looks systematically broken, it gets worse: the uniqueness of an 'email'-address of a rgw-user is not enforced properly, since radosgw-admin distinguishes between case sensitivity.
Although RFC 5321, section: 2.3.11 states that the local-part@ can be case-sensitive, the current implementations out there in fact do diverge from that! ;-) .. but, the real bummer is: RFC1035, section 2.3.3, stating:
(...)
For all parts of the DNS that are part of the official protocol, all
comparisons between character strings (e.g., labels, domain names, etc.)
are done in a case-insensitive manner
(...)
So, creating a user with:
a) different uid
b) same email, but a different case (i.e. a@b.cd vs. a@B.CD)
c) same display-name
will work - but, creating a user with:
a) different uid
b) same email (and same case)
c) same display-name
does not. This is quite inconsistent! :-|
Examples of even more inconsistent/broken behavior of radosgw-admin:
radosgw-admin user create --uid=test1 --email="a@b.cd" --display-name="test1"
=> works as expected
radosgw-admin user create --uid=test2 --email="a@b.cd" --display-name="test1"
=> returns just the JSON of user1
radosgw-admin user create --uid=test2 --email="a@b.cd" --display-name="test2"
=> could not create user: unable to create user, user: test1 exists
radosgw-admin user create --uid=test2 --email="a@B.cd" --display-name="test2"
=> creates the user 'test2'