← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #36723

[Bug 1483375] [NEW] Bad query.one() usage in endpoint-policy extension

  Thread PreviousDate PreviousThread Next 
Public bug reported:

In the file keystone/endpoint_policy/backends/sql.py, the return of
get_policy_association(..) is a dict in the form {'policy_id':
policy_id}.

However, policy_id was the return of the call:

    session.query(PolicyAssociation.policy_id).one(),

having the following format:

    (PolicyAssociation.policy_id, )

when it is expected to be only that column's value, i.e
PolicyAssociation.policy_id.

This patch fixes the usage of the return of the one() call, returning
only the value of the right column instead of a tuple.

This worked before because the return of get_policy_association(..) is
always used to be passed as a PK filter of the Policy table through the
get_policy(policy_id) call (in the policy backend), which uses the
get(ident) method from SQLAlchemy.

>From the SQLAlchemy docs [1]:

    ident - calar or tuple value representing the primary key.


[1] http://docs.sqlalchemy.org/en/rel_1_0/orm/query.html#sqlalchemy.orm.query.Query.get

** Affects: keystone
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1483375

Title:
  Bad query.one() usage in endpoint-policy extension

Status in Keystone:
  New

Bug description:
  In the file keystone/endpoint_policy/backends/sql.py, the return of
  get_policy_association(..) is a dict in the form {'policy_id':
  policy_id}.

  However, policy_id was the return of the call:

      session.query(PolicyAssociation.policy_id).one(),

  having the following format:

      (PolicyAssociation.policy_id, )

  when it is expected to be only that column's value, i.e
  PolicyAssociation.policy_id.

  This patch fixes the usage of the return of the one() call, returning
  only the value of the right column instead of a tuple.

  This worked before because the return of get_policy_association(..) is
  always used to be passed as a PK filter of the Policy table through
  the get_policy(policy_id) call (in the policy backend), which uses the
  get(ident) method from SQLAlchemy.

  From the SQLAlchemy docs [1]:

      ident - calar or tuple value representing the primary key.

  
  [1] http://docs.sqlalchemy.org/en/rel_1_0/orm/query.html#sqlalchemy.orm.query.Query.get

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1483375/+subscriptions

Follow ups

  Thread PreviousDate PreviousThread Next