yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1526244] Re: Able to create objects by admin in the particular domain, for incorrect domain Id field name "domain-id".

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Tristan Cacqueray <tdecacqu@xxxxxxxxxx>
Date: Mon, 21 Dec 2015 15:16:52 -0000
Reply-to: Bug 1526244 <1526244@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

According to VMT taxonomy, this is a class E.

** Changed in: ossa
       Status: Incomplete => Won't Fix

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1526244

Title:
  Able to create objects by admin in the particular domain, for
  incorrect domain Id field name "domain-id".

Status in OpenStack Identity (keystone):
  In Progress
Status in OpenStack Security Advisory:
  Won't Fix

Bug description:
  Admin is able to create objects(user,group,.) in a particular domain,
  though field name is misspelt as "domain-id" instead of "domain_id".

  Step Followed: User creation by admin with incorrect field name
  "domain-id"

  ubuntu@ubuntu:~$ curl -i -k -X POST -H "Content-Type: application/json" -H "X-AUTH-TOKEN:ae5ed453cf444969953850532cb9b581" <uri:35357>/v3/users -d '{
  > "user":
  >     {
  >         "name":"User Pwr Ranger 50",
  >         "password":"pwd",
  >         "description":"User Creation in another domain",
  >         "domain-id":"37a09709db404e7d97f8a211ebebc93f"
  >     }
  > }'
  HTTP/1.1 201 Created
  Date: Fri, 13 Nov 2015 12:38:22 GMT
  Server: Apache/2.4.7 (Ubuntu)
  Vary: X-Auth-Token
  x-openstack-request-id: req-1cc05a23-065f-4a25-9fcd-90fa827722d3
  Content-Length: 290
  Content-Type: application/json

  {"user": {"links": {"self":
  "<uri:35357>/v3/users/90776556002948dfb44227aef3b042e7"},
  "description": "User Creation in another domain", "name": "User Pwr
  Ranger 50", "enabled": true, "id": "90776556002948dfb44227aef3b042e7",
  "domain_id": "37a09709db404e7d97f8a211ebebc93f"}}

  The user got created in a specified domain "domain-
  id":"37a09709db404e7d97f8a211ebebc93f", even though domain Id field is
  misspelt as "domain-id" instead of "domain_id".

  Hence the issue has to be resolved by creating objects in "default"
  domain when the field name is spelt wrongly.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1526244/+subscriptions