yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #25483
[Bug 1401664] [NEW] Update role using LDAP backend requires name
Public bug reported:
When updating a role and the keystone identity server is configured to use LDAP as the backend, you get a 500 error if the update doesn't have the name. For example, if you just disable a role, it fails with a 500 error.
0. Start with devstack configured to use LDAP assignment backend.
1. Get a token:
$ curl -i \
-H "Content-Type: application/json" \
-d '
{ "auth": {
"identity": {
"methods": ["password"],
"password": {
"user": {
"name": "admin",
"domain": { "id": "default" },
"password": "adminpwd"
}
}
},
"scope": {
"project": {
"name": "demo",
"domain": { "id": "default" }
}
}
}
}' \
http://localhost:35357/v3/auth/tokens ; echo
$ TOKEN=...
2. Pick a role.
$ curl \
-H "X-Auth-Token: $TOKEN" \
http://localhost:35357/v3/roles | python -m json.tool
$ ROLE_ID=36a9eede308d41e8a92effce2e46cc4a
3. Update without a name.
$ curl -X PATCH \
-H "X-Auth-Token: $TOKEN" \
-H "Content-Type: application/json" \
-d '{"role": {"enabled": false}}' \
http://localhost:35357/v3/roles/$ROLE_ID
{"error": {"message": "An unexpected error prevented the server from
fulfilling your request: 'name' (Disable debug mode to suppress these
details.)", "code": 500, "title": "Internal Server Error"}}
The update operation should be successful.
** Affects: keystone
Importance: Undecided
Assignee: Brant Knudson (blk-u)
Status: New
** Changed in: keystone
Assignee: (unassigned) => Brant Knudson (blk-u)
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1401664
Title:
Update role using LDAP backend requires name
Status in OpenStack Identity (Keystone):
New
Bug description:
When updating a role and the keystone identity server is configured to use LDAP as the backend, you get a 500 error if the update doesn't have the name. For example, if you just disable a role, it fails with a 500 error.
0. Start with devstack configured to use LDAP assignment backend.
1. Get a token:
$ curl -i \
-H "Content-Type: application/json" \
-d '
{ "auth": {
"identity": {
"methods": ["password"],
"password": {
"user": {
"name": "admin",
"domain": { "id": "default" },
"password": "adminpwd"
}
}
},
"scope": {
"project": {
"name": "demo",
"domain": { "id": "default" }
}
}
}
}' \
http://localhost:35357/v3/auth/tokens ; echo
$ TOKEN=...
2. Pick a role.
$ curl \
-H "X-Auth-Token: $TOKEN" \
http://localhost:35357/v3/roles | python -m json.tool
$ ROLE_ID=36a9eede308d41e8a92effce2e46cc4a
3. Update without a name.
$ curl -X PATCH \
-H "X-Auth-Token: $TOKEN" \
-H "Content-Type: application/json" \
-d '{"role": {"enabled": false}}' \
http://localhost:35357/v3/roles/$ROLE_ID
{"error": {"message": "An unexpected error prevented the server from
fulfilling your request: 'name' (Disable debug mode to suppress these
details.)", "code": 500, "title": "Internal Server Error"}}
The update operation should be successful.
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1401664/+subscriptions
Follow ups
References
