yahoo-eng-team team mailing list archive

[OpenStack Infra <1649412@xxxxxxxxxxxxxxxxxx>]

Reviewed:  https://review.openstack.org/409946
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=e3f55e7b54250f46f8ade623fe9d62586cf780be
Submitter: Jenkins
Branch:    master

commit e3f55e7b54250f46f8ade623fe9d62586cf780be
Author: Ronald De Rose <ronald.de.rose@xxxxxxxxx>
Date:   Mon Dec 12 21:46:27 2016 +0000

    Make user to nonlocal_user a 1:1 relationship
    
    The table relationship between 'user' and 'nonlocal_user' should be
    1 to 1, which is consistent with 'user' to 'local_user'. However, it's
    mistakenly 1 to many. In fact, the backend code treats 'user' to
    'nonlocal_user' as 1:1 and wouldn't allow duplicates, so this will have
    zero impact on existing deployments. This patch fixes this by making the
    user_id column unique.
    
    Closes-Bug: #1649412
    Partially-Implements: bp support-federated-attr
    Change-Id: Ib371df18f3fb2c67e5421cf0bf4551183902cf00


** Changed in: keystone
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1649412

Title:
  user to nonlocal_user should be a 1 to 1 table relationship

Status in OpenStack Identity (keystone):
  Fix Released

Bug description:
  The 'nonlocal_user' table shadows LDAP or custom identity driver
  users. Currently, the 'user' to 'nonlocal_user' table relationship is
  1 to many. However, this is inaccurate. For example, there shouldn't
  be a user with multiple usernames from a single domain; keystone
  doesn't support that. A user belongs to a domain and has a single
  username.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1649412/+subscriptions