neutron

Quantum crashes with field parameter on querystring and keystone enabled

Bug #1025150 reported by Salvatore Orlando on 2012-07-16

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	neutron	Fix Released	High	Salvatore Orlando	neutron 2012.2 "folsom"

Bug Description

When keystone middleware is in the pipeline, Quantum tracebacks and returns 500 for each requests within a non-admin context which specifies the field query string parameter, unless tenant_id is specified in the field list.

This bug can be easily reproduced with the Quantum cli.

1) Enable auth in the pipeline.
2) quantum --os_username <regular_user> --os_password <her_password> --os_tenant_name <regular_tenant> --os_auth_url <where_keystone_is> net-create <whatever_name>
3) quantum --os_username <regular_user> --os_password <her_password> --os_tenant_name <regular_tenant> --os_auth_url <where_keystone_is> net-list -F name
4) Error on quantum cli: ERROR: cliff.app u'tenant_id'

This happens because when the fields query parameter is specified, only the fields specified in the querystring are returned by the plugin (assuming it is inheriting from db_base_plugin_v2). This means that the fields which are then required by the policy engine, such as tenant_id, might not be available for processing by the policy engine.

Traceback available at: http://paste.openstack.org/show/19445/

See original description

Salvatore Orlando (salvatore-orlando) on 2012-07-16

Changed in quantum:
importance:	Undecided → High
assignee:	nobody → Salvatore Orlando (salvatore-orlando)
milestone:	none → folsom-3
description:	updated

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2012-07-16: Fix proposed to quantum (master)

Fix proposed to branch: master
Review: https://review.openstack.org/9859

Changed in quantum:
status:	New → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2012-07-18: Fix merged to quantum (master)

Reviewed: https://review.openstack.org/9859
Committed: http://github.com/openstack/quantum/commit/eeb0b8ed9c0c289a05167c0a78b862d0258393e5
Submitter: Jenkins
Branch: master

commit eeb0b8ed9c0c289a05167c0a78b862d0258393e5
Author: Salvatore Orlando <email address hidden>
Date: Tue Jul 17 09:32:16 2012 -0700

Avoid removal of attributes used by policy engine

Fixes bug1025150

    Ensures that each attribute which is used by the policy engine is not
    removed by the plugin when the 'fields' query parameter is specified.
    This could be better achieved by not having the plugin perform this
    selection, but as it is part of the plugin interface, it's probably better
    not to introduce changes which alter it.

Change-Id: I68ab0998b7113f06da5df74ccd44e390640de475

Changed in quantum:
status:	In Progress → Fix Committed

Thierry Carrez (ttx) on 2012-08-16

Changed in quantum:
status:	Fix Committed → Fix Released

Thierry Carrez (ttx) on 2012-09-27

Changed in quantum:
milestone:	folsom-3 → 2012.2

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.