OpenStack Identity (keystone)

V2 API: enable a user doesn't work

Bug #1603905 reported by Dave Chen
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Identity (keystone)
Fix Released
Medium
Dave Chen
OpenStack Identity (keystone) newton-3 "n3"

Bug Description

Enable user
===========
PUT /v2.0/users/{userId}/OS-KSADM/enabled

The above API doesn't work, there are two issue here.

1. The API unnecessarily need a request body

url -g -i -X PUT http://10.239.159.68/identity_v2_admin/v2.0/users/acc163d0efa14fe5b84e1dcc62ff6404/OS-KSADM/enabled -H "Content-Type: application/json" -H "Accept: application/json" -H "X-Auth-Token: e2fde9a73eb743e298e3d10aabebe5e0"

{"error": {"message": "set_user_enabled() takes exactly 4 arguments (3 given)", "code": 400, "title": "Bad Request"}}

2. If we pass a request body without 'enabled' property, it cannot enable the disabled user.

openstack user show acc163d0efa14fe5b84e1dcc62ff6404
+--------------------+----------------------------------+
| Field | Value |
+--------------------+----------------------------------+
| default_project_id | e9b5b0575cad498f8fce9e39ef209411 |
| domain_id | default |
| enabled | False |
| id | acc163d0efa14fe5b84e1dcc62ff6404 |
| name | test_user |
+--------------------+----------------------------------+

curl -g -i -X PUT http://10.239.159.68/identity_v2_admin/v2.0/users/acc163d0efa14fe5b84e1dcc62ff6404/OS-KSADM/enabled -H "Content-Type: application/json" -H "Accept: application/json" -H "X-Auth-Token: e2fde9a73eb743e298e3d10aabebe5e0" -d '{"user": {"name": "test_user"}}'

{"user": {"username": "test_user", "name": "test_user", "extra": {}, "enabled": false, "id": "acc163d0efa14fe5b84e1dcc62ff6404", "tenantId": "e9b5b0575cad498f8fce9e39ef209411"}}

Nothing is changed, the user is still disabled.

See original description
Dave Chen (wei-d-chen)
description: updated
Dave Chen (wei-d-chen)
description: updated
Dave Chen (wei-d-chen)
description: updated
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to keystone (master)

Fix proposed to branch: master
Review: https://review.openstack.org/344057

Changed in keystone:
assignee: nobody → Dave Chen (wei-d-chen)
status: New → In Progress
Steve Martinelli (stevemar)
Changed in keystone:
milestone: none → newton-3
importance: Undecided → High
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on keystone (master)

Change abandoned by Dave Chen (<email address hidden>) on branch: master
Review: https://review.openstack.org/344057

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix proposed to keystone (master)

Related fix proposed to branch: master
Review: https://review.openstack.org/345137

Revision history for this message
Dave Chen (wei-d-chen) wrote :

So, lower the priority since all that needed is a way to make sure the payload is properly set.

Changed in keystone:
importance: High → Medium
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix merged to keystone (master)

Reviewed: https://review.openstack.org/345137
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=002de1b18392044e1e719f5edae1dfa64a52a575
Submitter: Jenkins
Branch: master

commit 002de1b18392044e1e719f5edae1dfa64a52a575
Author: Dave Chen <email address hidden>
Date: Thu Jul 21 10:50:04 2016 +0800

    Clarify V2 API for enabling or disabling user

    This small change make it clear that the API can also disable a
    user and the request body with `enabled` attribute is always needed.

    Change-Id: I4e242d36e9830fd162634c5a864f6a787a4de9d7
    Related-Bug: #1603905

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to keystone (master)

Reviewed: https://review.openstack.org/344057
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=4adf01b03b75af4bb1917f545dc71788fb07d5ea
Submitter: Jenkins
Branch: master

commit 4adf01b03b75af4bb1917f545dc71788fb07d5ea
Author: Dave Chen <email address hidden>
Date: Tue Jul 19 14:53:36 2016 +0800

    Add schema for enabling a user

    The schema is added to ensure the payload is correctly assembled.

    The route of the API is defined here:
    https://github.com/openstack/keystone/blob/master/keystone/v2_crud/admin_crud.py#L134

    Partially implements: bp schema-validation-extent
    Change-Id: I79c95be3699cf915fc8542d2e770072970656261
    Closes-Bug: #1603905

Changed in keystone:
status: In Progress → Fix Released
Revision history for this message
Thierry Carrez (ttx) wrote : Fix included in openstack/keystone 10.0.0.0b3

This issue was fixed in the openstack/keystone 10.0.0.0b3 development milestone.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.