congress

Give system policies unique IDs

Bug #1411014 reported by Janet Yu
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
congress
Invalid
Low
Zhenzan Zhou

Bug Description

The user defined policies have IDs that look like UUIDs, e.g., "9fd43da1-4b3f-4c05-91fa-086e34889a1f". The IDs for system defined policies, such as "ceilometer" and "nova", are all "None". Give the system policies IDs that can be used to uniquely identify each policy.

Revision history for this message
Aaron Rosen (arosen) wrote :

sorry, would you mind showing the openstack congress commands that expose this issue?

Revision history for this message
Janet Yu (jwy) wrote :

Id is "None" in the policies where owner_id is "system", seen here:

$ openstack congress policy list
+--------------------------------------+----------------+----------+--------------+-----------------------+
| id | name | owner_id | kind | description |
 +--------------------------------------+----------------+----------+--------------+-----------------------+
| 37c7c1b4-a746-43f1-a141-b3623d0c5752 | classification | user | nonrecursive | default policy |
| e9720b40-4835-468d-b1fe-080164c07e6a | action | user | nonrecursive | default action policy |
| None | ceilometer | system | nonrecursive | Datasource store |
| None | swift | system | nonrecursive | Datasource store |
| None | nova | system | nonrecursive | Datasource store |
| None | cinder | system | nonrecursive | Datasource store |
| None | glancev2 | system | nonrecursive | Datasource store |
| None | neutron | system | nonrecursive | Datasource store |
 +--------------------------------------+----------------+----------+--------------+-----------------------+

And here:

$ curl -X GET localhost:1789/v1/policies
{
  "results": [
    {
      "kind": "nonrecursive",
      "description": "default policy",
      "name": "classification",
      "abbreviation": "class",
      "id": "37c7c1b4-a746-43f1-a141-b3623d0c5752",
      "owner_id": "user"
    },
    {
      "kind": "nonrecursive",
      "description": "default action policy",
      "name": "action",
      "abbreviation": "actio",
      "id": "e9720b40-4835-468d-b1fe-080164c07e6a",
      "owner_id": "user"
    },
    {
      "kind": "nonrecursive",
      "description": "Datasource store",
      "name": "ceilometer",
      "abbreviation": "ceilo",
      "id": "None",
      "owner_id": "system"
    },
    {
      "kind": "nonrecursive",
      "description": "Datasource store",
      "name": "swift",
      "abbreviation": "swift",
      "id": "None",
      "owner_id": "system"
    },
    {
      "kind": "nonrecursive",
      "description": "Datasource store",
      "name": "nova",
      "abbreviation": "nova",
      "id": "None",
      "owner_id": "system"
    },
    {
      "kind": "nonrecursive",
      "description": "Datasource store",
      "name": "cinder",
      "abbreviation": "cinde",
      "id": "None",
      "owner_id": "system"
    },
    {
      "kind": "nonrecursive",
      "description": "Datasource store",
      "name": "glancev2",
      "abbreviation": "glanc",
      "id": "None",
      "owner_id": "system"
    },
    {
      "kind": "nonrecursive",
      "description": "Datasource store",
      "name": "neutron",
      "abbreviation": "neutr",
      "id": "None",
      "owner_id": "system"
    }
  ]
}

Revision history for this message
Zhenzan Zhou (zhenzan-zhou) wrote :

Those system policies (or actually just non-persisted datasource policies) are not saved in database:

mysql> select * from policies;
+--------------------------------------+---------------------+------------+------------+---------+----------------+--------------+-----------------------+-------+--------------+
| id | created_at | updated_at | deleted_at | deleted | name | abbreviation | description | owner | kind |
 +--------------------------------------+---------------------+------------+------------+---------+----------------+--------------+-----------------------+-------+--------------+
| 15abd376-2094-4908-9cb4-6694254adc8b | 2015-03-16 12:04:39 | NULL | NULL | | classification | class | default policy | user | nonrecursive |
| 4921bc6b-93c9-4571-8da5-aa7f4887d65c | 2015-03-16 12:04:39 | NULL | NULL | | action | actio | default action policy | user | nonrecursive |
 +--------------------------------------+---------------------+------------+------------+---------+----------------+--------------+-----------------------+-------+--------------+
2 rows in set (0.00 sec)

I just filed a bug #1435128 that even we can create a rule against system policies, congress will get fatal exception on start because system policies are not managed by policy engine.

Zhenzan Zhou (zhenzan-zhou)
Changed in congress:
assignee: nobody → Zhenzan Zhou (zhenzan-zhou)
Tim Hinrichs (thinrichs)
Changed in congress:
importance: Undecided → Low
Revision history for this message
Zhenzan Zhou (zhenzan-zhou) wrote :

System policy for datasource drivers are not shown any more:

ubuntu@node-01:~$ openstack congress policy list
+--------------------------------------+----------------+----------+--------------+-----------------------+
| id | name | owner_id | kind | description |
 +--------------------------------------+----------------+----------+--------------+-----------------------+
| 4f0eddf2-840e-4e2e-a1cf-26d2328a512e | alice | user | nonrecursive | test for bug |
| a12df9b7-4493-4fe8-80b0-4a3cbeafb7d7 | classification | user | nonrecursive | default policy |
| a17abc97-803d-4336-ad95-460bc0e181cc | action | user | action | default action policy |
 +--------------------------------------+----------------+----------+--------------+-----------------------+

Invalid this bug.

Changed in congress:
status: New → Invalid
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.