Policy negation with multiple policies fails
Bug #1448295 reported by
Tim Hinrichs
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
congress |
Fix Released
|
Critical
|
Tim Hinrichs |
Bug Description
Rules that apply negation to an atom referencing a table in a different policy fail to work properly. Example.
policy alpha:
p(x) :- beta:q(x), not beta:q(x)
policy beta:
q(1)
The query p(x) should be empty, but it returns 1 because 'not beta:q(x)' succeeds because 'beta:q(x)' always fails.
Changed in congress: | |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
Fix proposed to branch: master /review. openstack. org/177439
Review: https:/