yahoo-eng-team team mailing list archive

Thread
Date
[Bug 1213097] Re: Creating trust with a valid role fails

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Dolph Mathews <1213097@xxxxxxxxxxxxxxxxxx>
Date: Mon, 26 Aug 2013 14:11:51 -0000
Reply-to: Bug 1213097 <1213097@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
** Changed in: keystone
       Status: Triaged => Invalid

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1213097

Title:
  Creating trust with a valid role fails

Status in OpenStack Identity (Keystone):
  Invalid

Bug description:
  Attempting to create a trust with a roles list containing the role
  name "admin" fails, with "Could not find role,
  a17235590062411182d3852b7e30dd16.", but this role does exist, and both
  trustee and trustor have the role assigned:

  (note keystoneclient line-numbers may be out because of local
  modifications on top of https://review.openstack.org/#/c/39899/)

  REQ BODY: {"trust": {"impersonation": true, "project_id":
  "f7d52276b01c4931986000913a23deff", "roles": [{"name": "admin"}],
  "trustee_user_id": "794943ea9a57400eb0f708a524d7999f",
  "trustor_user_id": "4859480713f746d79aaa4e80142328a1"}}

  RESP: [404] {'date': 'Fri, 16 Aug 2013 13:45:13 GMT', 'content-type': 'application/json', 'content-length': '115', 'vary': 'X-Auth-Token'}
  RESP BODY: {"error": {"message": "Could not find role, a17235590062411182d3852b7e30dd16.", "code": 404, "title": "Not Found"}}

  Request returned failure status: 404
  Traceback (most recent call last):
    File "trust_pw_test.py", line 61, in <module>
      project=project.id, impersonation=IMPERSONATE, role_names=roles)
    File "/opt/stack/python-keystoneclient/keystoneclient/v3/contrib/trusts.py", line 60, in create
      trustor_user_id=base.getid(trustor_user))
    File "/opt/stack/python-keystoneclient/keystoneclient/base.py", line 73, in func
      return f(*args, **kwargs)
    File "/opt/stack/python-keystoneclient/keystoneclient/base.py", line 244, in create
      self.key)
    File "/opt/stack/python-keystoneclient/keystoneclient/base.py", line 113, in _create
      resp, body = self.api.post(url, body=body)
    File "/opt/stack/python-keystoneclient/keystoneclient/httpclient.py", line 661, in post
      return self._cs_request(url, 'POST', **kwargs)
    File "/opt/stack/python-keystoneclient/keystoneclient/httpclient.py", line 651, in _cs_request
      **kwargs)
    File "/opt/stack/python-keystoneclient/keystoneclient/httpclient.py", line 610, in request
      **request_kwargs)
    File "/opt/stack/python-keystoneclient/keystoneclient/httpclient.py", line 114, in request
      raise exceptions.from_response(resp)
  keystoneclient.exceptions.NotFound: Could not find role, a17235590062411182d3852b7e30dd16. (HTTP 404)
  [root@localhost trust_test]# keystone role-list
  SHDEBUG authenticate trust_id=None
  +----------------------------------+-----------------+
  |                id                |       name      |
  +----------------------------------+-----------------+
  | fb2876a05f724d3e8fe0f562e8737a50 |      Member     |
  | 5887a56fe3104c379ee9d15479b5dc82 |  ResellerAdmin  |
  | 9fe2ff9ee4384b1894a90878d3e92bab |     _member_    |
  | a17235590062411182d3852b7e30dd16 |      admin      |
  | 983d0fc866a94b66883df413d1c8a1c7 |   anotherrole   |
  | 8b4e611fed054889916a091f5fcbee2f | heat_stack_user |
  | d156cc58190d404591a9853e00009886 |     service     |
  +----------------------------------+-----------------+

  [root@localhost trust_test]# keystone user-role-list --user admin
  SHDEBUG authenticate trust_id=None
  +----------------------------------+-------+----------------------------------+----------------------------------+
  |                id                |  name |             user_id              |            tenant_id             |
  +----------------------------------+-------+----------------------------------+----------------------------------+
  | a17235590062411182d3852b7e30dd16 | admin | 794943ea9a57400eb0f708a524d7999f | 20aedb59aeb247b1a5ec7332843ab092 |
  +----------------------------------+-------+----------------------------------+----------------------------------+

  [root@localhost trust_test]# keystone user-role-list --user steve_admin
  SHDEBUG authenticate trust_id=None
  +----------------------------------+----------+----------------------------------+----------------------------------+
  |                id                |   name   |             user_id              |            tenant_id             |
  +----------------------------------+----------+----------------------------------+----------------------------------+
  | 9fe2ff9ee4384b1894a90878d3e92bab | _member_ | 4859480713f746d79aaa4e80142328a1 | 20aedb59aeb247b1a5ec7332843ab092 |
  | a17235590062411182d3852b7e30dd16 |  admin   | 4859480713f746d79aaa4e80142328a1 | 20aedb59aeb247b1a5ec7332843ab092 |
  +----------------------------------+----------+----------------------------------+----------------------------------+

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1213097/+subscriptions