yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #45298
[Bug 1470718] Re: Federation mapping schema validation for "local" attributes could do better
Reviewed: https://review.openstack.org/250162
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=cc2cfff50fd4c44cafb09c6882c905d931c123c8
Submitter: Jenkins
Branch: master
commit cc2cfff50fd4c44cafb09c6882c905d931c123c8
Author: Fernando Diaz <diazjf@xxxxxxxxxx>
Date: Thu Nov 26 00:00:57 2015 -0600
Strengthen Mapping Validation in Federation Mappings
This patch allows for better validation of mappings. Only user,
group, groups, and domain will be allowed as keys in the local
level.
Change-Id: I490f0522829802968024a6ca1cb45c446c6a3e0f
Closes-Bug: #1470718
** Changed in: keystone
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1470718
Title:
Federation mapping schema validation for "local" attributes could do
better
Status in OpenStack Identity (keystone):
Fix Released
Bug description:
I was bitten just now by getting my local attributes slightly wrong
and put the "type" key outside of the "user" block like this:
"local": [
{
"user": {
"name": "{0}",
"domain": {"id": "default"}
},
"type": "local"
}
],
Whereas it should have been like this:
"local": [
{
"user": {
"name": "{0}",
"domain": {"id": "default"},
"type": "local"
}
}
],
The end result was a validation error about not having a group. It
would have taken me ~3 hours less of digging (thanks stevemar!) if the
validation had pointed this error out.
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1470718/+subscriptions
References
