yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #07058
[Bug 1259426] [NEW] LDAP list group users crash when no member in the group
Public bug reported:
Using the LDAP identity backend,
If there is no member in the group and using GET http://{IP}:35357/v3/groups/{group_id}/users to get the user list
Keystone will return 500.
The traceback as below:
[-] 'member'
Traceback (most recent call last):
File "/usr/lib/python2.7/dist-packages/keystone/common/wsgi.py", line 238, in __call__
result = method(context, **params)
File "/usr/lib/python2.7/dist-packages/keystone/common/controller.py", line 200, in wrapper
return f(self, context, filters, **kwargs)
File "/usr/lib/python2.7/dist-packages/keystone/identity/controllers.py", line 700, in list_users_in_group
domain_scope=self._get_domain_id_for_request(context))
File "/usr/lib/python2.7/dist-packages/keystone/identity/core.py", line 177, in wrapper
return f(self, *args, **kwargs)
File "/usr/lib/python2.7/dist-packages/keystone/identity/core.py", line 441, in list_users_in_group
user_list = driver.list_users_in_group(group_id)
File "/usr/lib/python2.7/dist-packages/keystone/identity/backends/ldap.py", line 162, in list_users_i
n_group
for user_dn in self.group.list_group_users(group_id):
File "/usr/lib/python2.7/dist-packages/keystone/identity/backends/ldap.py", line 352, in list_group_users
user_dns = member[self.member_attribute] #if member else []
KeyError: 'member'
** Affects: keystone
Importance: Undecided
Assignee: Lin, Bo-Chun (sherry7737)
Status: In Progress
** Description changed:
- Using the LDAP identity backend,
- If there is no member in the group and using GET http://10.2.2.1:35357/v3/groups/{group_id}/users to get the user list
+ Using the LDAP identity backend,
+ If there is no member in the group and using GET http://{IP}:35357/v3/groups/{group_id}/users to get the user list
Keystone will return 500.
The traceback as below:
- ERROR keystone.common.wsgi [-] 'member'
- TRACE keystone.common.wsgi Traceback (most recent call last):
- TRACE keystone.common.wsgi File "/usr/lib/python2.7/dist-packages/keystone/common/wsgi.py", line 238, in __call__
- TRACE keystone.common.wsgi result = method(context, **params)
- TRACE keystone.common.wsgi File "/usr/lib/python2.7/dist-packages/keystone/common/controller.py", line 200, in wrapper
- TRACE keystone.common.wsgi return f(self, context, filters, **kwargs)
- TRACE keystone.common.wsgi File "/usr/lib/python2.7/dist-packages/keystone/identity/controllers.py", line 700, in list_users_in_group
- TRACE keystone.common.wsgi domain_scope=self._get_domain_id_for_request(context))
- TRACE keystone.common.wsgi File "/usr/lib/python2.7/dist-packages/keystone/identity/core.py", line 177, in wrapper
- TRACE keystone.common.wsgi return f(self, *args, **kwargs)
- TRACE keystone.common.wsgi File "/usr/lib/python2.7/dist-packages/keystone/identity/core.py", line 441, in list_users_in_group
- TRACE keystone.common.wsgi user_list = driver.list_users_in_group(group_id)
- TRACE keystone.common.wsgi File "/usr/lib/python2.7/dist-packages/keystone/identity/backends/ldap.py", line 162, in list_users_i
+ [-] 'member'
+ Traceback (most recent call last):
+ File "/usr/lib/python2.7/dist-packages/keystone/common/wsgi.py", line 238, in __call__
+ result = method(context, **params)
+ File "/usr/lib/python2.7/dist-packages/keystone/common/controller.py", line 200, in wrapper
+ return f(self, context, filters, **kwargs)
+ File "/usr/lib/python2.7/dist-packages/keystone/identity/controllers.py", line 700, in list_users_in_group
+ domain_scope=self._get_domain_id_for_request(context))
+ File "/usr/lib/python2.7/dist-packages/keystone/identity/core.py", line 177, in wrapper
+ return f(self, *args, **kwargs)
+ File "/usr/lib/python2.7/dist-packages/keystone/identity/core.py", line 441, in list_users_in_group
+ user_list = driver.list_users_in_group(group_id)
+ File "/usr/lib/python2.7/dist-packages/keystone/identity/backends/ldap.py", line 162, in list_users_i
n_group
- TRACE keystone.common.wsgi for user_dn in self.group.list_group_users(group_id):
- TRACE keystone.common.wsgi File "/usr/lib/python2.7/dist-packages/keystone/identity/backends/ldap.py", line 352, in list_group_users
- TRACE keystone.common.wsgi user_dns = member[self.member_attribute] #if member else []
- TRACE keystone.common.wsgi KeyError: 'member'
+ for user_dn in self.group.list_group_users(group_id):
+ File "/usr/lib/python2.7/dist-packages/keystone/identity/backends/ldap.py", line 352, in list_group_users
+ user_dns = member[self.member_attribute] #if member else []
+ KeyError: 'member'
** Changed in: keystone
Assignee: (unassigned) => Lin, Bo-Chun (sherry7737)
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1259426
Title:
LDAP list group users crash when no member in the group
Status in OpenStack Identity (Keystone):
In Progress
Bug description:
Using the LDAP identity backend,
If there is no member in the group and using GET http://{IP}:35357/v3/groups/{group_id}/users to get the user list
Keystone will return 500.
The traceback as below:
[-] 'member'
Traceback (most recent call last):
File "/usr/lib/python2.7/dist-packages/keystone/common/wsgi.py", line 238, in __call__
result = method(context, **params)
File "/usr/lib/python2.7/dist-packages/keystone/common/controller.py", line 200, in wrapper
return f(self, context, filters, **kwargs)
File "/usr/lib/python2.7/dist-packages/keystone/identity/controllers.py", line 700, in list_users_in_group
domain_scope=self._get_domain_id_for_request(context))
File "/usr/lib/python2.7/dist-packages/keystone/identity/core.py", line 177, in wrapper
return f(self, *args, **kwargs)
File "/usr/lib/python2.7/dist-packages/keystone/identity/core.py", line 441, in list_users_in_group
user_list = driver.list_users_in_group(group_id)
File "/usr/lib/python2.7/dist-packages/keystone/identity/backends/ldap.py", line 162, in list_users_i
n_group
for user_dn in self.group.list_group_users(group_id):
File "/usr/lib/python2.7/dist-packages/keystone/identity/backends/ldap.py", line 352, in list_group_users
user_dns = member[self.member_attribute] #if member else []
KeyError: 'member'
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1259426/+subscriptions
Follow ups
References