search

apache / cloudstack

Apache CloudStack is an opensource Infrastructure as a Service (IaaS) cloud computing platform
https://cloudstack.apache.org/
Apache License 2.0
1.98k stars 1.09k forks source link

Deleted userdata owned by a deleted account remains linked with the template #9477

Open shwstppr opened 1 month ago

shwstppr commented 1 month ago
ISSUE TYPE
COMPONENT NAME
Server
CLOUDSTACK VERSION
4.19 branch, most likely earlier versions
CONFIGURATION

NA

OS / ENVIRONMENT

NA

SUMMARY

Deleted userdata owned by a deleted account remains linked with the template. In UI it produces a 404 error. During VM deployment with the linked template it return error like, UserData linked to the template CentOS 5.6(64-bit) no GUI (XenServer) is not found

STEPS TO REPRODUCE
1. As the admin, create a new user account
2. As the new user, register a userdata
3. As the admin, link the userdata to a template
4. As the admin, delete the new user
5. Observer userdata remains linked to the template

https://github.com/user-attachments/assets/7e97ae35-0875-4152-aaa0-1dab44e2148f

EXPECTED RESULTS
Maybe either an error while deleting the user account or the userdata that gets deleted is unlinked from the template
ACTUAL RESULTS
Delete userdata remains linked to the template
shwstppr commented 1 month ago

@harikrishna-patnala any thoughts on this

harikrishna-patnala commented 1 month ago

Yes @shwstppr seems like a valid issue.

Regarding the fix, I think we should allow linking of the userdata to the template only if both are created by that user. If we have to go with the fix of restricting the deletion of the user just because he/she created a userdata and linked to a template.

DaanHoogland commented 1 month ago

Regarding the fix, I think we should allow linking of the userdata to the template only if both are created by that user. If we have to go with the fix of restricting the deletion of the user just because he/she created a userdata and linked to a template.

@harikrishna-patnala , that doesn't sound right. Let's discuss the scenarios, as the one described by @shwstppr is certainly not the only one that pertains to this linkage of resources:

on the one hand, removing the link might be resulting in unexpected behaviour of the VMs/template. On the other hand, a delete with cleanup should work on the account (and thus the user).