500 Returned when trying to PUT /users/<USER_ID>/enabled

When tracking down bug #1018635, I'm getting a 500 from Keystone:

======================================================================
ERROR: Disabled user's token should not get authenticated
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/home/jpipes/repos/tempest/tempest/tests/identity/admin/test_users.py", line 169, in test_authentication_for_disabled_user
    self.disable_user(self.data.test_user)
  File "/home/jpipes/repos/tempest/tempest/tests/identity/base.py", line 72, in disable_user
    self.client.enable_disable_user(user['id'], False)
  File "/home/jpipes/repos/tempest/tempest/services/identity/json/admin_client.py", line 155, in enable_disable_user
    put_body, self.headers)
  File "/home/jpipes/repos/tempest/tempest/common/rest_client.py", line 163, in put
    return self.request('PUT', url, headers, body)
  File "/home/jpipes/repos/tempest/tempest/common/rest_client.py", line 229, in request
    raise exceptions.IdentityError(message)
IdentityError: Got identity error
Details: An unexpected error prevented the server from fulfilling your request. 'id'

Looking at a log from Keystone during test:

http://paste.openstack.org/show/19310/

We see the following traceback:

Traceback (most recent call last):
  File "/opt/stack/keystone/keystone/common/wsgi.py", line 204, in __call__
    result = method(context, **params)
  File "/opt/stack/keystone/keystone/identity/core.py", line 509, in set_user_enabled
    return self.update_user(context, user_id, user)
  File "/opt/stack/keystone/keystone/identity/core.py", line 490, in update_user
    user_ref = self.identity_api.update_user(context, user_id, user)
  File "/opt/stack/keystone/keystone/common/manager.py", line 47, in _wrapper
    return f(*args, **kw)
  File "/opt/stack/keystone/keystone/identity/backends/sql.py", line 47, in wrapper
    return method(*args, **kwargs)
  File "/opt/stack/keystone/keystone/identity/backends/sql.py", line 362, in update_user
    if user_id != user['id']:
KeyError: 'id'

The JSON being sent in the request is the following:

{'enabled': false}

It seems that the router in Keystone is routing requests for PUT /users/<USER_ID>/enabled to UserController.set_user_enabled(), which in turn simply calls the driver's update_user() method, passing in an empty dict for the user param. This, in turn, bombs when reaching this part of the code in sql.py:

    @handle_conflicts(type='user')
    def update_user(self, user_id, user):
        session = self.get_session()
        if user_id != user['id']:
            raise exception.ValidationError('Cannot change user ID')

I believe the solution should be to check to see if the user dict supplied to update_user() actually contains an 'id' key before checking it against the supplied user_id param.