OpenStack Identity (keystone)

Attempt to add role to nonexistant user on tenant is not throwing an error

Bug #1006334 reported by Rajalakshmi Ganesan
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Identity (keystone)
Fix Released
Low
Dolph Mathews
OpenStack Identity (keystone) 2012.2 "folsom"

Bug Description

Attempt to add role to non existant user on tenant is not throwing an appropriate error message.

Expected Result:
Error message stating that user is not found should be thrown. i.e an error code of 404 should be thrown leading to Not Found exception.

Actual result:
Response code of 200 is returned and details of role in response body.

The response header and body are as follows:
{'date': 'Wed, 30 May 2012 15:20:07 GMT', 'content-type': 'application/json', 'content-length': '80', 'status': '200', 'vary': 'X-Auth-Token'}
{"role": {"id": "d1e7703c561148eca4826f0af79a3cc8", "name": "role-20991507068"}}

LOG:
----------
rajalakshmi_ganesan@pshys0183~json:-( >keystone --debug user-role-add --tenant_id 22de173542754eef8996521b731ae7ef --user 999 --role 66866c41031646439ed52da8a4f5d1a2
connect: (10.233.52.27, 5000)
send: 'POST /v2.0/tokens HTTP/1.1\r\nHost: 10.233.52.27:5000\r\nAccept-Encoding: identity\r\nContent-Length: 127\r\ncontent-type: application/json\r\nuser-agent: python-keystoneclient\r\n\r\n{"auth": {"passwordCredentials": {"username": "admin", "password": "muralik"}, "tenantId": "22de173542754eef8996521b731ae7ef"}}'
reply: 'HTTP/1.1 200 OK\r\n'
header: Content-Type: application/json
header: Vary: X-Auth-Token
header: Content-Length: 2229
header: Date: Wed, 30 May 2012 16:09:12 GMT
connect: (10.233.52.27, 35357)
send: u'PUT /v2.0/tenants/22de173542754eef8996521b731ae7ef/users/999/roles/OS-KSADM/66866c41031646439ed52da8a4f5d1a2 HTTP/1.1\r\nHost: 10.233.52.27:35357\r\nAccept-Encoding: identity\r\nContent-Length: 4\r\nx-auth-token: 63c1b98c11b9439b9554a8298ea1bdc8\r\ncontent-type: application/json\r\nuser-agent: python-keystoneclient\r\n\r\nnull'
reply: 'HTTP/1.1 200 OK\r\n'
header: Content-Type: application/json
header: Vary: X-Auth-Token
header: Content-Length: 69
header: Date: Wed, 30 May 2012 16:09:12 GMT
rajalakshmi_ganesan@pshys0183~json:-)>keystone --debug user-role-add --tenant_id 22de173542754eef8996521b731ae7ef --user alpha --role 66866c41031646439ed52da8a4f5d1a2
connect: (10.233.52.27, 5000)
send: 'POST /v2.0/tokens HTTP/1.1\r\nHost: 10.233.52.27:5000\r\nAccept-Encoding: identity\r\nContent-Length: 127\r\ncontent-type: application/json\r\nuser-agent: python-keystoneclient\r\n\r\n{"auth": {"passwordCredentials": {"username": "admin", "password": "muralik"}, "tenantId": "22de173542754eef8996521b731ae7ef"}}'
reply: 'HTTP/1.1 200 OK\r\n'
header: Content-Type: application/json
header: Vary: X-Auth-Token
header: Content-Length: 2229
header: Date: Wed, 30 May 2012 16:09:33 GMT
connect: (10.233.52.27, 35357)
send: u'PUT /v2.0/tenants/22de173542754eef8996521b731ae7ef/users/alpha/roles/OS-KSADM/66866c41031646439ed52da8a4f5d1a2 HTTP/1.1\r\nHost: 10.233.52.27:35357\r\nAccept-Encoding: identity\r\nContent-Length: 4\r\nx-auth-token: e3710202b5494d11a373b4e657bdfd05\r\ncontent-type: application/json\r\nuser-agent: python-keystoneclient\r\n\r\nnull'
reply: 'HTTP/1.1 200 OK\r\n'
header: Content-Type: application/json
header: Vary: X-Auth-Token
header: Content-Length: 69
header: Date: Wed, 30 May 2012 16:09:33 GMT
rajalakshmi_ganesan@pshys0183~json:-)>

Rajalakshmi Ganesan (rajalakshmi-ganesan)
affects: tempest → keystone
Revision history for this message
Rohit Karajgi (rohitk) wrote :

Looks like a dup of https://bugs.launchpad.net/keystone/+bug/999608, however with different results.
What branch did you see this on?

Revision history for this message
Dolph Mathews (dolph) wrote :

This is fixed by a patch already in review: https://review.openstack.org/#/c/6875/

After applying above referenced patch: http://paste.openstack.org/raw/18240/

Changed in keystone:
assignee: nobody → Dolph Mathews (dolph)
importance: Undecided → Low
status: New → In Progress
Ravikumar Venkatesan (ravikumar-venkatesan)
affects: keystone → tempest
affects: tempest → python-keystoneclient
affects: python-keystoneclient → keystone
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to keystone (master)

Reviewed: https://review.openstack.org/6875
Committed: http://github.com/openstack/keystone/commit/23ca656927947dada40591bdd1badd5a531c2983
Submitter: Jenkins
Branch: master

commit 23ca656927947dada40591bdd1badd5a531c2983
Author: Dolph Mathews <email address hidden>
Date: Wed Mar 28 10:37:16 2012 -0700

    Refactor 404's into managers & drivers (bug 968519)

    The goal is to move the responsibility of reference checks away from
    controllers and into the underlying managers & drivers, which can
    handle the task with equal or greater efficiency.

    - Tenant references from create_user/update_user are NOT tested
      due to inconsistencies between backends
    - Additional test coverage improvements

    Also fixes bug 999209, bug 999608, bug 1006029, bug 1006055, bug 1006287,
    bug 1006334, and bug 1006344.

    Change-Id: I7de592e7dd4518038436b9a9fdaab559b00a0537

Changed in keystone:
status: In Progress → Fix Committed
Thierry Carrez (ttx)
Changed in keystone:
milestone: none → folsom-2
status: Fix Committed → Fix Released
Thierry Carrez (ttx)
Changed in keystone:
milestone: folsom-2 → 2012.2
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.