← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #51564

[Bug 1577804] Re: /v3/users?name=<name> bypasses user_filter for LDAP

  Thread PreviousDate PreviousThread Next 
Reviewed:  https://review.openstack.org/312126
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=322a744ba852a5a4e59c713a52168fa8db2552ca
Submitter: Jenkins
Branch:    master

commit 322a744ba852a5a4e59c713a52168fa8db2552ca
Author: Matthew Edmonds <edmondsw@xxxxxxxxxx>
Date:   Tue May 3 11:37:42 2016 -0400

    Honor ldap_filter on filtered user list
    
    Fix GET /v3/users?name=<name> to honor conf.ldap.user_filter.
    
    Change-Id: I65cacc04c218a7c87855a305c7e0088ac5860cc8
    Closes-Bug: #1577804


** Changed in: keystone
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1577804

Title:
  /v3/users?name=<name> bypasses user_filter for LDAP

Status in OpenStack Identity (keystone):
  Fix Released

Bug description:
  using the LDAP driver with user_filter, a GET /v3/users?name=<name>
  returns users that do not match the filter.

  e.g.:

  user_filter = (|(uid=arc1_admin)(uid=arc1_stgmgr))

  # openstack user list
  +----------------------------------------------------------------+-------------+
  | ID                                                             | Name        |
  +----------------------------------------------------------------+-------------+
  | 91476076d6686143dff68d08e87358a29daf0725c549008f9c0852d2c7ab8e | arc1_admin  |
  | 42                                                             |             |
  | 8c1beab95fc4c2b009383827f1ea1ec2880fa6eb5bbe42aebd43aab21ad685 | arc1_stgmgr |
  | b2                                                             |             |
  +----------------------------------------------------------------+-------------+

  
  # openstack user show arc1_dep
  +-----------+------------------------------------------------------------------+
  | Field     | Value                                                            |
  +-----------+------------------------------------------------------------------+
  | domain_id | default                                                          |
  | id        | 631bbab78e33e554bc6c7fd53071c6e046fd37680b1b154261bd6183b123e8b0 |
  | name      | arc1_dep                                                         |
  +-----------+------------------------------------------------------------------+

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1577804/+subscriptions

References

  Thread PreviousDate PreviousThread Next