Re: [Engine-devel] REST vs. UI validation

----- Original Message ----- > From: "Kari Whitcomb" <Kari.Whitcomb(a)hp.com&gt; > To: "Michael Pasternak" <mpastern(a)redhat.com&gt;, "Vered Volansky" <vered(a)redhat.com&gt; > Cc: engine-devel(a)ovirt.org > Sent: Wednesday, May 1, 2013 8:12:09 PM > Subject: RE: [Engine-devel] REST vs. UI validation > > Thanks for the discussion. One clarifying question below... > > -Kari > >>>> >>>> Vered - I disagree that this is by design. >>>> There is only one definition of what a correct value is, there should be >>>> no >>>> ambiguity about it[1] >>>> If the GUI prohibits you from a legal configuration - it should be >>>> fixed. >>>> if the backend allows an illegal configuration - a CDA should be added. >>>> My two cents - this is not OK, please open bugs (or even better - send >>>> patches!) for the specific issues. >>> >>> This was discussed with Michael (until he answers himself). >>> More info on the issue - >>> The backend validations are less restrictive than UI, but not >>> contradicting it. >>> This IS by design and is not a bug in general. >>> The specific min-max differences example is for sure by design. >>> In some (but I guess not all) cases the reasoning is a thought to expand >> possible values in the future. >>> >>> So this is how things are right now. >>> I agree it looks weird that you might be able to set "illegal" values in >>> REST >> and then connect via UI and see these values. >>> I suppose it can always come up for devel discussion whether that should >>> be >> changed. >> >> you cannot set any illegal value in REST-API, UI is more restrictive >> indeed, >> while api expose all backend capabilities (including those that are >> restricted in >> UI) > > So if I understanding correctly... The backend validations are checking > legality. The UI may in some cases (like the specific ones I mentioned) > impose additional restrictions/validations that further narrow the allowed > input and this is by design and not a bug. Does that sum the current state > about right? Yep.

> > Thanks, > Kari > >>>>> ----- Original Message ----- >>>>>> From: "Kari Whitcomb" <Kari.Whitcomb(a)hp.com&gt; >>>>>> To: engine-devel(a)ovirt.org >>>>>> Sent: Tuesday, April 30, 2013 1:19:00 AM >>>>>> Subject: [Engine-devel] REST vs. UI validation >>>>>> >>>>>> I've been making use of the oVirt REST api, and have noticed that in >>>>>> several >>>>>> cases the validation done for a REST request is different than what >>>>>> the >>>>>> admin UI does. It seems that the UI is generally more restrictive on >>>>>> the >>>>>> data it will accept than the backend. So you can set things up using >>>>>> the >>>>>> REST api that the UI wouldn't let you do. Two examples I've hit >>>>>> recently, >>>>>> both in the cluster policy (load balancing section): >>>>>> >>>>>> - Cluster load balancing policy duration - the UI requires a value >>>>>> between >>>>>> 1 >>>>>> and 100, but the REST api seems to let you set it to any integer. >>>>>> >>>>>> - Cluster load balancing high and low thresholds / max and min service >>>>>> levels >>>>>> - The UI restricts the high value to 51-90% and the low value to >>>>>> 10-50%. >>>>>> But the backend only requires that the values be 0-100% and that low >>>>>> can't >>>>>> be greater than high. >>>>>> >>>>>> So my question - is this intended behavior, or is it a bug that the >>>>>> validation is different? If similar validation should be done through >>>>>> both >>>>>> the UI and REST api, should the UI be less restrictive, or the backend >>>>>> more >>>>>> restrictive? >>>>>> >>>>>> Thanks, >>>>>> Kari > _______________________________________________ Engine-devel mailing list Engine-devel(a)ovirt.org http://lists.ovirt.org/mailman/listinfo/engine-devel