yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #27244
[Bug 1414876] [NEW] unnecessary checks in assignment/controllers.py
Public bug reported:
There are checks that only one of project/domain or user/group are passed to create/list/check/revoke_grant methods, https://github.com/openstack/keystone/blob/master/keystone/assignment/controllers.py#L496-L504. However,
1. only router calls these methods
2. URL scheme does not accept both project and user simultaneously.
If a user specify a url such as /domains/{domain_id}/projects/{project_id}/users/{user_id}/roles or /domains/{domain_id}/users/{user_id}/groups/{group_id}/roles or etc, he would get a 404 error from router.
That is to say, the cases these methods check would never happen. So, I think these checks can be removed.
** Affects: keystone
Importance: Undecided
Assignee: wanghong (w-wanghong)
Status: In Progress
** Description changed:
- There are checks that only one of project/domain or user/group are passed to create/list/check/revoke_grant methods. However,
+ There are checks that only one of project/domain or user/group are passed to create/list/check/revoke_grant methods, https://github.com/openstack/keystone/blob/master/keystone/assignment/controllers.py#L496-L504. However,
1. only router calls these methods
2. URL scheme does not accept both project and user simultaneously.
If a user specify a url such as /domains/{domain_id}/projects/{project_id}/users/{user_id}/roles or /domains/{domain_id}/users/{user_id}/groups/{group_id}/roles or etc, he would get a 404 error from router.
That is to say, the cases these methods check would never happen. So, I think these checks can be removed.
** Changed in: keystone
Assignee: (unassigned) => wanghong (w-wanghong)
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1414876
Title:
unnecessary checks in assignment/controllers.py
Status in OpenStack Identity (Keystone):
In Progress
Bug description:
There are checks that only one of project/domain or user/group are passed to create/list/check/revoke_grant methods, https://github.com/openstack/keystone/blob/master/keystone/assignment/controllers.py#L496-L504. However,
1. only router calls these methods
2. URL scheme does not accept both project and user simultaneously.
If a user specify a url such as /domains/{domain_id}/projects/{project_id}/users/{user_id}/roles or /domains/{domain_id}/users/{user_id}/groups/{group_id}/roles or etc, he would get a 404 error from router.
That is to say, the cases these methods check would never happen. So, I think these checks can be removed.
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1414876/+subscriptions
Follow ups
References