yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #04188
[Bug 1203881] Re: API allows the ID of a policy entity to be changed
I'm also unable to reproduce on master.
$ http post http://localhost:35357/v3/policies '{"policy": {"name": "trivial-true", "blob": "true", "type": "application/json"}}' --x-auth-token=ADMIN
{
"policy": {
"id": "d462e2f7aef9455283fc47b83425a185",
"type": "application/json",
"blob": "true",
"links": {
"self": "http://localhost:5000/v3/policies/d462e2f7aef9455283fc47b83425a185"
},
"name": "trivial-true"
}
}
$ http patch http://localhost:35357/v3/policies/d462e2f7aef9455283fc47b83425a185 '{"policy": {"id": "custom-id", "name": "always-true"}}' --x-auth-token=ADMIN
{
"error": {
"message": "Cannot change policy ID",
"code": 400,
"title": "Bad Request"
}
}
** Changed in: keystone
Status: Triaged => Invalid
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1203881
Title:
API allows the ID of a policy entity to be changed
Status in OpenStack Identity (Keystone):
Invalid
Bug description:
Entity IDs are meant to be immutable. In all cases, except for the
policy entity, this is true. The Update Policy call, however, fails
to check whether the ID has been changed, allowing the policy ID to be
updated.
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1203881/+subscriptions