yahoo-eng-team team mailing list archive

Thread
Date
[Bug 1210175] Re: User operations with LDAP Identity and enabled_mask/user_enabled_default fail

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Thierry Carrez <thierry.carrez+lp@xxxxxxxxx>
Date: Thu, 05 Sep 2013 09:25:02 -0000
Reply-to: Bug 1210175 <1210175@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
** Changed in: keystone
       Status: Fix Committed => Fix Released

** Changed in: keystone
    Milestone: None => havana-3

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1210175

Title:
  User operations with LDAP Identity and
  enabled_mask/user_enabled_default fail

Status in OpenStack Identity (Keystone):
  Fix Released

Bug description:
  Start with devstack configured for LDAP.

  Change configuration so that user_enabled_mask=2 and
  user_enabled_default=512 and restart Keystone server

  Try to create a user.

   $ keystone user-create --name blktest2 --tenant demo --pass test2pwd
   -- fails

  First problem is, can't get a token.

  (keystone.common.wsgi): 2013-08-08 09:55:38,954 ERROR wsgi __call__ 'enabled'
  Traceback (most recent call last):
    File "/opt/stack/keystone/keystone/common/wsgi.py", line 240, in __call__
      result = method(context, **params)
    File "/opt/stack/keystone/keystone/token/controllers.py", line 80, in authenticate
      context, auth)
    File "/opt/stack/keystone/keystone/token/controllers.py", line 242, in _authenticate_local
      username, DEFAULT_DOMAIN_ID)
    File "/opt/stack/keystone/keystone/common/manager.py", line 44, in _wrapper
      return f(*args, **kw)
    File "/opt/stack/keystone/keystone/identity/backends/ldap.py", line 87, in get_user_by_name
      ref = identity.filter_user(self.user.get_by_name(user_name))
    File "/opt/stack/keystone/keystone/common/ldap/core.py", line 360, in get_by_name
      res = self.get_all(query)
    File "/opt/stack/keystone/keystone/common/ldap/core.py", line 698, in get_all
      return super(EnabledEmuMixIn, self).get_all(filter)
    File "/opt/stack/keystone/keystone/common/ldap/core.py", line 368, in get_all
      for x in self._ldap_get_all(filter)]
    File "/opt/stack/keystone/keystone/identity/backends/ldap.py", line 240, in _ldap_res_to_model
      obj['enabled_nomask'] = obj['enabled']
  KeyError: 'enabled'

  When work around can't get a token, can't create user.

  (keystone.common.wsgi): 2013-08-08 09:57:20,717 ERROR wsgi __call__ unsupported operand type(s) for &: 'str' and 'int'
  Traceback (most recent call last):
    File "/opt/stack/keystone/keystone/common/wsgi.py", line 240, in __call__
      result = method(context, **params)
    File "/opt/stack/keystone/keystone/identity/controllers.py", line 206, in create_user
      new_user_ref = self.identity_api.create_user(user_id, user_ref)
    File "/opt/stack/keystone/keystone/identity/core.py", line 72, in create_user
      return self.driver.create_user(user_id, user)
    File "/opt/stack/keystone/keystone/identity/backends/ldap.py", line 93, in create_user
      user_ref = self.user.create(user)
    File "/opt/stack/keystone/keystone/identity/backends/ldap.py", line 260, in create
      self.mask_enabled_attribute(values)
    File "/opt/stack/keystone/keystone/identity/backends/ldap.py", line 250, in mask_enabled_attribute
      if value != ((values['enabled_nomask'] & self.enabled_mask) !=
  TypeError: unsupported operand type(s) for &: 'str' and 'int'

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1210175/+subscriptions