yahoo-eng-team team mailing list archive

Thread
Date
[Bug 1525317] Re: IdP doesn't support field based DB filtering

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: OpenStack Infra <1525317@xxxxxxxxxxxxxxxxxx>
Date: Tue, 19 Jan 2016 17:45:57 -0000
Reply-to: Bug 1525317 <1525317@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
Reviewed:  https://review.openstack.org/215041
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=cdd3ac454c2850ab72883963aa6bd6a0d80fe56f
Submitter: Jenkins
Branch:    master

commit cdd3ac454c2850ab72883963aa6bd6a0d80fe56f
Author: Dave Chen <wei.d.chen@xxxxxxxxx>
Date:   Sat Dec 12 08:51:50 2015 +0800

    Enable `id`, `enabled` attributes filtering for list IdP API
    
    list IdP currently doesn't support to filter records by any
    attributes, but this is used somewhere, such as OpenStack
    Client using `name` to filter the record.
    
    IdP doesn't has `name` attribute but has `id`, `enabled`
    attributes instead.
    
    This patch enables the filtering of Identity Provider based
    on `id`, `enabled` attributes so that OpenStack Client or the
    CURL query can benefit from it.
    
    Change-Id: Ib672ba759d26bdd0eecd48451994b3451fb8648a
    Related-Bug: #1479837
    Closes-Bug: #1525317


** Changed in: keystone
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1525317

Title:
  IdP doesn't support field based DB filtering

Status in OpenStack Identity (keystone):
  Fix Released

Bug description:
  Currently, IdP doesn't support to filter the DB records based on the
  field,  for example,

  If config the DB like this,
  mysql> select * from identity_provider;
  +------+---------+-------------+
  | id   | enabled | description |
  +------+---------+-------------+
  | idp1 |       1 | NULL        |
  | idp2 |       1 | NULL        |
  +------+---------+-------------+
  2 rows in set (0.00 sec)

  And I query the IdP by this curl, I get all of the records from DB,

  curl -g -i -X GET http://127.0.0.1:35357/v3/OS-
  FEDERATION/identity_providers?id=idp1 -H "User-Agent: python-
  keystoneclient" -H "Accept: application/json" -H "X-Auth-Token:
  f74ac35177cb4720891a9cfed5ea1b9c"

  {
   "links": {
    "self": "http://10.239.48.36:35357/v3/OS-FEDERATION/identity_providers?id=idp1";,
    "previous": null,
    "next": null
   },
   "identity_providers": [{
    "remote_ids": [],
    "enabled": true,
    "id": "idp1",
    "links": {
     "self": "http://10.239.48.36:35357/v3/OS-FEDERATION/identity_providers/idp1";,
     "protocols": "http://10.239.48.36:35357/v3/OS-FEDERATION/identity_providers/idp1/protocols";
    },
    "description": null
   }, {
    "remote_ids": [],
    "enabled": true,
    "id": "idp2",
    "links": {
     "self": "http://10.239.48.36:35357/v3/OS-FEDERATION/identity_providers/idp2";,
     "protocols": "http://10.239.48.36:35357/v3/OS-FEDERATION/identity_providers/idp2/protocols";
    },
    "description": null
   }]
  }

  This feature should be supported since OSC depends on this to filter
  the DB records that is wanted.

  Noted: Open this bug since it's different with
  https://bugs.launchpad.net/python-openstackclient/+bug/1479837, they
  are two different things, and I think this sound like a feature that
  keystone should support.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1525317/+subscriptions