yahoo-eng-team team mailing list archive

[OpenStack Infra <1880252@xxxxxxxxxxxxxxxxxx>]

Reviewed:  https://review.opendev.org/730423
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=feaf03443807676e0cf56b7a4458b978a065a132
Submitter: Zuul
Branch:    master

commit feaf03443807676e0cf56b7a4458b978a065a132
Author: Jason Anderson <jasonanderson@xxxxxxxxxxxx>
Date:   Fri May 22 16:37:36 2020 -0500

    Support regexes in whitelists/blacklists
    
    This adds support for the "regex" flag for both the "whitelist" and
    "blacklist" conditional types. Before, only the "any_one_of" and
    "not_any_of" conditionals supported this. Similar to the pre-existing
    regex logic, the patterns are matched from the beginning of the string,
    meaning you may need prefix them with ".*" if you do not care about the
    first characters of the match.
    
    Closes-Bug: #1880252
    Change-Id: Ia51f47a58712c7230753f2cfa0c87b83a7339bf9


** Changed in: keystone
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1880252

Title:
  RFE: allow regexes in blacklist and whitelist conditionals

Status in OpenStack Identity (keystone):
  Fix Released

Bug description:
  Currently a regex can be used in the "any_of_one" and "not_any_of"
  conditionals, allowing operators to specify rules not bound to a
  static set of expected values. However, this is not supported for the
  "whitelist" or "blacklist" conditional type.

  Having regex support in these types would bring more flexibility when
  crafting mappings, for example to only map an IdP group to a Keystone
  group if it has a pattern like "CloudUsers-.*".

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1880252/+subscriptions