yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #77246
[Bug 1818085] [NEW] Application credential role validation has inconsistent error handling
Public bug reported:
If a role is provided by ID, keystone validates it in the app cred
manager and a NotFound is properly masked as a validation error by the
controller. If a role is provided by name, keystone searches for it in
_normalize_role_list in the controller and will raise a NotFound there,
which is returned directly to the user. The problem is demonstrated by
this test:
https://review.openstack.org/640035
Not sure if we can actually do anything about this without technically
breaking the v3 API.
** Affects: keystone
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1818085
Title:
Application credential role validation has inconsistent error handling
Status in OpenStack Identity (keystone):
New
Bug description:
If a role is provided by ID, keystone validates it in the app cred
manager and a NotFound is properly masked as a validation error by the
controller. If a role is provided by name, keystone searches for it in
_normalize_role_list in the controller and will raise a NotFound
there, which is returned directly to the user. The problem is
demonstrated by this test:
https://review.openstack.org/640035
Not sure if we can actually do anything about this without technically
breaking the v3 API.
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1818085/+subscriptions