OpenStack Identity (keystone)

v2.0/tenants/{tenantId} reports 404

Bug #1346207 reported by Kanagaraj Manickam
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Identity (keystone)
Won't Fix
Undecided
Steve Martinelli

Bug Description

On running GET on the v2.0/tenants returns two projects as follows:
{
    "tenants_links": [],
    "tenants": [
        {
            "description": null,
            "enabled": true,
            "id": "0f90bb31a01c453f851a5ca4e5e178ab",
            "name": "demo"
        },
        {
            "description": null,
            "enabled": true,
            "id": "dc0a88dc51624167b747211ec050a08e",
            "test": "value",
            "name": "admin"
        }
    ]
}

Then , on running v2.0/tenants/0f90bb31a01c453f851a5ca4e5e178ab reports 404.

But it should be returning the project "demo" details

Kanagaraj Manickam (kanagaraj-manickam)
Changed in keystone:
assignee: nobody → Kanagaraj Manickam (kanagaraj-manickam)
Revision history for this message
Dolph Mathews (dolph) wrote :

Can you write a functional test to illustrate this?

Changed in keystone:
status: New → Incomplete
Revision history for this message
Steve Martinelli (stevemar) wrote :

$ curl -s -H "X-Auth-Token: e38aaafc199a4ce7aaea79d23cdb15c8" http://localhost:5000/v2.0/tenants | python -mjson.tool
{
    "tenants": [
        {
            "description": null,
            "enabled": true,
            "id": "0cb2f0b0842c4852811bdba989e38692",
            "name": "demo"
        },
        {
            "description": null,
            "enabled": true,
            "id": "d015fccad75d430d8b4958054c164e46",
            "name": "admin"
        }
    ],
    "tenants_links": []
}

$ curl -s -H "X-Auth-Token: e38aaafc199a4ce7aaea79d23cdb15c8" http://localhost:5000/v2.0/tenants/0cb2f0b0842c4852811bdba989e38692 | python -mjson.tool
{
    "error": {
        "code": 404,
        "message": "The resource could not be found.",
        "title": "Not Found"
    }
}

That's unsettling.

Changed in keystone:
status: Incomplete → Confirmed
Revision history for this message
Steve Martinelli (stevemar) wrote :

Note, the following worked:

$ curl -s -H "X-Auth-Token: e38aaafc199a4ce7aaea79d23cdb15c8" http://localhost:5000/v3/projects/0cb2f0b0842c4852811bdba989e38692 | python -mjson.tool

Revision history for this message
Steve Martinelli (stevemar) wrote :

So, the code only supports looking up tenant by id for the admin flow, that seems wrong: https://github.com/openstack/keystone/blob/master/keystone/assignment/routers.py#L32-L52

Note, the following worked: (I changed it to port 35357 instead of 5000)

curl -s -H "X-Auth-Token: e38aaafc199a4ce7aaea79d23cdb15c8" http://localhost:35357/v2.0/tenants/0cb2f0b0842c4852811bdba989e38692 | python -mjson.tool
{
    "tenant": {
        "description": null,
        "enabled": true,
        "id": "0cb2f0b0842c4852811bdba989e38692",
        "name": "demo"
    }
}

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to keystone (master)

Fix proposed to branch: master
Review: https://review.openstack.org/122991

Changed in keystone:
assignee: Kanagaraj Manickam (kanagaraj-manickam) → Steve Martinelli (stevemar)
status: Confirmed → In Progress
Steve Martinelli (stevemar)
tags: added: juno-rc-potential
Revision history for this message
Brant Knudson (blk-u) wrote :

I don't think we should be spending time on changes to v2 API at this point.

Revision history for this message
Steve Martinelli (stevemar) wrote :

After discussing on IRC, we decided to not fix this bug.

Changed in keystone:
status: In Progress → Won't Fix
Revision history for this message
Steve Martinelli (stevemar) wrote :

As a work around, use the admin port if necessary.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on keystone (master)

Change abandoned by Steve Martinelli (<email address hidden>) on branch: master
Review: https://review.openstack.org/122991

Revision history for this message
Dolph Mathews (dolph) wrote :

+1 this is by design. Full tenant CRUD is only available on the admin API (only in the case of v2).

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.