yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1343932] Re: CRUD grant don't check user_id and group_id

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1343932@xxxxxxxxxxxxxxxxxx>
Date: Sun, 23 Nov 2014 04:18:19 -0000
Reply-to: Bug 1343932 <1343932@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

[Expired for Keystone because there has been no activity for 60 days.]

** Changed in: keystone
       Status: Incomplete => Expired

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1343932

Title:
  CRUD grant don't check user_id and group_id

Status in OpenStack Identity (Keystone):
  Expired

Bug description:
  In Icehouse release, CRUD grant functions[1] don't check if user_id
  and group_id exists.

  role_id, domain_id and project_id are checked and I don't see any
  reason to not check if the user_id and group_ids are valid. I think we
  should change these functions to check if the user and/or group exists
  before creating/updating the grant.

  [1]
  https://github.com/openstack/keystone/blob/stable/icehouse/keystone/assignment/backends/ldap.py#L347

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1343932/+subscriptions

References

[Bug 1343932] [NEW] CRUD grant don't check user_id and group_id
From: Marcos Lobo, 2014-07-18