OpenStack Identity (keystone)

Filter by attribute not fully supported in v3 keystone identity implementation

Bug #1101240 reported by Henry Nash on 2013-01-18

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	OpenStack Identity (keystone)	Fix Released	High	Henry Nash	OpenStack Identity (keystone) 2013.1 "grizzly"

Bug Description

Not all the v3 entity types have their filter attributes implemented (e.g. Domains, Users, Groups). 'Credentials' do seem to have them implemented, however, as an example.

Relatively simple to fix - just need to add the filters into the identity controller v3 crud implementations.

Henry Nash (henry-nash) on 2013-02-16

Changed in keystone:
assignee:	nobody → Henry Nash (henry-nash)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2013-02-18: Fix proposed to keystone (master)

Fix proposed to branch: master
Review: https://review.openstack.org/22223

Changed in keystone:
status:	New → In Progress

OpenStack Infra (hudson-openstack) on 2013-02-20

Changed in keystone:
assignee:	Henry Nash (henry-nash) → Dolph Mathews (dolph)

OpenStack Infra (hudson-openstack) on 2013-02-20

Changed in keystone:
assignee:	Dolph Mathews (dolph) → Henry Nash (henry-nash)

Thierry Carrez (ttx) on 2013-02-21

Changed in keystone:
milestone:	grizzly-3 → grizzly-rc1

Thierry Carrez (ttx) on 2013-02-21

Changed in keystone:
milestone:	grizzly-rc1 → grizzly-3

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2013-02-21: Fix merged to keystone (master)

Reviewed: https://review.openstack.org/22223
Committed: http://github.com/openstack/keystone/commit/329aeca9f9db4badc82d72907e7891c7d2de2f4b
Submitter: Jenkins
Branch: master

commit 329aeca9f9db4badc82d72907e7891c7d2de2f4b
Author: Henry Nash <email address hidden>
Date: Mon Feb 18 10:29:43 2013 +0000

Pass query filter attributes to policy engine

    With the v3 api, there will be cases when a cloud provider will want
    to be able to protect apis by matching items in the query filter
    string. A classic case would be:

GET /users?domain_id=mydomain

    The change augments the v3 controller protection wrapper with one
    that will also pass in filter parameters. Since this filter list
    also equates to the filter_by_attribute code that the subsequent
    api call will make, the filterprotection wrapper passes the filter
    list into the api call, allowing the code body to not have to
    re-specify the same list. This also has the consequency of fixing
    all the missing filter_by_attribute statements in the current code
    base.

Some tests cannot yet be run due to dependency on completion of
v3/auth

Fixes Bug #1126048
Fixes Bug #1101240

Change-Id: Ibd9867f6eed585414671bbab774df95b8acdf6a5

Changed in keystone:
status:	In Progress → Fix Committed

Thierry Carrez (ttx) on 2013-02-21

Changed in keystone:
status:	Fix Committed → Fix Released

Thierry Carrez (ttx) on 2013-04-04

Changed in keystone:
milestone:	grizzly-3 → 2013.1

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.