user to nonlocal_user should be a 1 to 1 table relationship
Bug #1649412 reported by
Ron De Rose
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Fix Released
|
Low
|
Ron De Rose |
Bug Description
The 'nonlocal_user' table shadows LDAP or custom identity driver users. Currently, the 'user' to 'nonlocal_user' table relationship is 1 to many. However, this is inaccurate. For example, there shouldn't be a user with multiple usernames from a single domain; keystone doesn't support that. A user belongs to a domain and has a single username.
Changed in keystone: | |
assignee: | nobody → Ron De Rose (ronald-de-rose) |
importance: | Undecided → Low |
Changed in keystone: | |
status: | New → In Progress |
Changed in keystone: | |
milestone: | none → ocata-3 |
To post a comment you must log in.
Reviewed: https:/ /review. openstack. org/409946 /git.openstack. org/cgit/ openstack/ keystone/ commit/ ?id=e3f55e7b542 50f46f8ade623fe 9d62586cf780be
Committed: https:/
Submitter: Jenkins
Branch: master
commit e3f55e7b54250f4 6f8ade623fe9d62 586cf780be
Author: Ronald De Rose <email address hidden>
Date: Mon Dec 12 21:46:27 2016 +0000
Make user to nonlocal_user a 1:1 relationship
The table relationship between 'user' and 'nonlocal_user' should be
1 to 1, which is consistent with 'user' to 'local_user'. However, it's
mistakenly 1 to many. In fact, the backend code treats 'user' to
'nonlocal_user' as 1:1 and wouldn't allow duplicates, so this will have
zero impact on existing deployments. This patch fixes this by making the
user_id column unique.
Closes-Bug: #1649412 Implements: bp support- federated- attr 67e5421cf0bf455 1183902cf00
Partially-
Change-Id: Ib371df18f3fb2c