OpenStack Identity (keystone)

Update API on LDAP does not return the result

Bug #1117356 reported by Jose Castro Leon
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Identity (keystone)
Fix Released
Medium
Dolph Mathews
OpenStack Identity (keystone) 2013.2 "havana"
Grizzly
Fix Released
Medium
Dolph Mathews
OpenStack Identity (keystone) 2013.1.2

Bug Description

When updating a tenant using LDAP backend the api call did not return the updated tenant. On the SQL backend the updated tenant is returned

DEBUG Trace in keystone.log

2013-02-06 15:04:27 DEBUG [keystone.common.wsgi] ******************** REQUEST ENVIRON ********************
2013-02-06 15:04:27 DEBUG [keystone.common.wsgi] SCRIPT_NAME = /v2.0
2013-02-06 15:04:27 DEBUG [keystone.common.wsgi] webob.adhoc_attrs = {'response': <Response at 0x3433c90 200 OK>}
2013-02-06 15:04:27 DEBUG [keystone.common.wsgi] REQUEST_METHOD = POST
2013-02-06 15:04:27 DEBUG [keystone.common.wsgi] PATH_INFO = /tenants/77e43eef529e46278db52ef2d496850b
2013-02-06 15:04:27 DEBUG [keystone.common.wsgi] SERVER_PROTOCOL = HTTP/1.0
2013-02-06 15:04:27 DEBUG [keystone.common.wsgi] CONTENT_LENGTH = 149
2013-02-06 15:04:27 DEBUG [keystone.common.wsgi] HTTP_X_AUTH_TOKEN = keystone_admin_token
2013-02-06 15:04:27 DEBUG [keystone.common.wsgi] HTTP_USER_AGENT = python-keystoneclient
2013-02-06 15:04:27 DEBUG [keystone.common.wsgi] eventlet.posthooks = []
2013-02-06 15:04:27 DEBUG [keystone.common.wsgi] RAW_PATH_INFO = /v2.0//tenants/77e43eef529e46278db52ef2d496850b
2013-02-06 15:04:27 DEBUG [keystone.common.wsgi] REMOTE_ADDR = 128.142.34.211
2013-02-06 15:04:27 DEBUG [keystone.common.wsgi] eventlet.input = <eventlet.wsgi.Input object at 0x3427f90>
2013-02-06 15:04:27 DEBUG [keystone.common.wsgi] wsgi.url_scheme = https
2013-02-06 15:04:27 DEBUG [keystone.common.wsgi] SERVER_PORT = 35357
2013-02-06 15:04:27 DEBUG [keystone.common.wsgi] wsgi.input = <cStringIO.StringI object at 0x24ba1b0>
2013-02-06 15:04:27 DEBUG [keystone.common.wsgi] openstack.context = {'token_id': '*******', 'is_admin': True}
2013-02-06 15:04:27 DEBUG [keystone.common.wsgi] HTTP_HOST = lxbrf17b01.cern.ch:35357
2013-02-06 15:04:27 DEBUG [keystone.common.wsgi] HTTPS = on
2013-02-06 15:04:27 DEBUG [keystone.common.wsgi] wsgi.multithread = True
2013-02-06 15:04:27 DEBUG [keystone.common.wsgi] openstack.params = {u'tenant': {u'enabled': True, u'description': u'Private Project for user jcastro', u'name': u'jcastro Private', u'id': u'77e43eef529e46278db52ef2d496850b'}}
2013-02-06 15:04:27 DEBUG [keystone.common.wsgi] wsgi.version = (1, 0)
2013-02-06 15:04:27 DEBUG [keystone.common.wsgi] SERVER_NAME = 128.142.34.211
2013-02-06 15:04:27 DEBUG [keystone.common.wsgi] GATEWAY_INTERFACE = CGI/1.1
2013-02-06 15:04:27 DEBUG [keystone.common.wsgi] wsgi.run_once = False
2013-02-06 15:04:27 DEBUG [keystone.common.wsgi] wsgi.errors = <open file '<stderr>', mode 'w' at 0x7f55d55c01e0>
2013-02-06 15:04:27 DEBUG [keystone.common.wsgi] wsgi.multiprocess = False
2013-02-06 15:04:27 DEBUG [keystone.common.wsgi] webob.is_body_seekable = True
2013-02-06 15:04:27 DEBUG [keystone.common.wsgi] CONTENT_TYPE = application/json
2013-02-06 15:04:27 DEBUG [keystone.common.wsgi] HTTP_ACCEPT_ENCODING = gzip, deflate
2013-02-06 15:04:27 DEBUG [keystone.common.wsgi]
2013-02-06 15:04:27 DEBUG [keystone.common.wsgi] ******************** REQUEST BODY ********************
2013-02-06 15:04:27 DEBUG [keystone.common.wsgi] {"tenant": {"description": "Private Project for user jcastro", "enabled": true, "id": "77e43eef529e46278db52ef2d496850b", "name": "jcastro Private"}}
2013-02-06 15:04:27 DEBUG [keystone.common.wsgi]
2013-02-06 15:04:27 DEBUG [routes.middleware] Matched POST /tenants/77e43eef529e46278db52ef2d496850b
2013-02-06 15:04:27 DEBUG [routes.middleware] Route path: '{path_info:.*}', defaults: {'controller': <keystone.contrib.ec2.core.Ec2Extension object at 0x329bc10>}
2013-02-06 15:04:27 DEBUG [routes.middleware] Match dict: {'controller': <keystone.contrib.ec2.core.Ec2Extension object at 0x329bc10>, 'path_info': '/tenants/77e43eef529e46278db52ef2d496850b'}
2013-02-06 15:04:27 DEBUG [routes.middleware] Matched POST /tenants/77e43eef529e46278db52ef2d496850b
2013-02-06 15:04:27 DEBUG [routes.middleware] Route path: '{path_info:.*}', defaults: {'controller': <keystone.contrib.s3.core.S3Extension object at 0x32928d0>}
2013-02-06 15:04:27 DEBUG [routes.middleware] Match dict: {'controller': <keystone.contrib.s3.core.S3Extension object at 0x32928d0>, 'path_info': '/tenants/77e43eef529e46278db52ef2d496850b'}
2013-02-06 15:04:27 DEBUG [routes.middleware] Matched POST /tenants/77e43eef529e46278db52ef2d496850b
2013-02-06 15:04:27 DEBUG [routes.middleware] Route path: '{path_info:.*}', defaults: {'controller': <keystone.contrib.admin_crud.core.CrudExtension object at 0x328b6d0>}
2013-02-06 15:04:27 DEBUG [routes.middleware] Match dict: {'controller': <keystone.contrib.admin_crud.core.CrudExtension object at 0x328b6d0>, 'path_info': '/tenants/77e43eef529e46278db52ef2d496850b'}
2013-02-06 15:04:27 DEBUG [routes.middleware] Matched POST /tenants/77e43eef529e46278db52ef2d496850b
2013-02-06 15:04:27 DEBUG [routes.middleware] Route path: '/tenants/{tenant_id}', defaults: {'action': u'update_tenant', 'controller': <keystone.identity.core.TenantController object at 0x32f7cd0>}
2013-02-06 15:04:27 DEBUG [routes.middleware] Match dict: {'action': u'update_tenant', 'tenant_id': u'77e43eef529e46278db52ef2d496850b', 'controller': <keystone.identity.core.TenantController object at 0x32f7cd0>}
2013-02-06 15:04:27 DEBUG [keystone.common.wsgi] arg_dict: {'tenant_id': u'77e43eef529e46278db52ef2d496850b'}
2013-02-06 15:04:27 DEBUG [keystone.common.ldap.core] LDAP init: url=ldaps://********
2013-02-06 15:04:27 DEBUG [keystone.common.ldap.core] LDAP bind: ********
2013-02-06 15:04:27 DEBUG [keystone.common.ldap.core] LDAP search: dn=cn=77e43eef529e46278db52ef2d496850b,OU=Tenants,OU=Agile,DC=cern,DC=ch, scope=0, query=(objectClass=groupOfNames), attrs=['cn', 'extensionName', 'ou', 'description']
2013-02-06 15:04:27 DEBUG [keystone.common.wsgi] ******************** RESPONSE HEADERS ********************
2013-02-06 15:04:27 DEBUG [keystone.common.wsgi] Vary = X-Auth-Token
2013-02-06 15:04:27 DEBUG [keystone.common.wsgi] Content-Type = application/json
2013-02-06 15:04:27 DEBUG [keystone.common.wsgi] Content-Length = 16
2013-02-06 15:04:27 DEBUG [keystone.common.wsgi]
2013-02-06 15:04:27 DEBUG [keystone.common.wsgi] ******************** RESPONSE BODY ********************
2013-02-06 15:04:27 DEBUG [keystone.common.wsgi] {"tenant": null}
2013-02-06 15:04:27 DEBUG [eventlet.wsgi.server] 128.142.34.211 - - [06/Feb/2013 15:04:27] "POST /v2.0//tenants/77e43eef529e46278db52ef2d496850b HTTP/1.1" 200 144 0.023397

Jose Castro Leon (jose-castro-leon)
Changed in keystone:
assignee: nobody → Jose Castro Leon (jose-castro-leon)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to keystone (master)

Fix proposed to branch: master
Review: https://review.openstack.org/21320

Changed in keystone:
status: New → In Progress
Revision history for this message
Jose Castro Leon (jose-castro-leon) wrote :

It is applicable to users, groups, projects and role updates

summary: - Tenant update API on LDAP does not return the result
+ Update API on LDAP does not return the result
OpenStack Infra (hudson-openstack)
Changed in keystone:
assignee: Jose Castro Leon (jose-castro-leon) → Dolph Mathews (dolph)
Dolph Mathews (dolph)
Changed in keystone:
importance: Undecided → Medium
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to keystone (master)

Reviewed: https://review.openstack.org/28197
Committed: http://github.com/openstack/keystone/commit/5d26d091e128c474739848cd987ccacb326c5cc8
Submitter: Jenkins
Branch: master

commit 5d26d091e128c474739848cd987ccacb326c5cc8
Author: Dolph Mathews <email address hidden>
Date: Fri May 3 15:55:59 2013 -0500

    Read-only default domain for LDAP (bug 1168726)

    A proper fix to the above was also blocked by bug 1117356, so that's
    fixed here as well (updates properly return the resulting entities).

    Change-Id: I672b90e67545cc1fe65b05ef7f8af5b42ca6afc3

Changed in keystone:
status: In Progress → Fix Committed
Thierry Carrez (ttx)
Changed in keystone:
milestone: none → havana-1
status: Fix Committed → Fix Released
Revision history for this message
Alan Pevec (apevec) wrote :

stable/grizzly backport https://review.openstack.org/28423

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to keystone (stable/grizzly)

Reviewed: https://review.openstack.org/28423
Committed: http://github.com/openstack/keystone/commit/39c4ca1e2f890e9264643daa415576fe3088ffe2
Submitter: Jenkins
Branch: stable/grizzly

commit 39c4ca1e2f890e9264643daa415576fe3088ffe2
Author: Dolph Mathews <email address hidden>
Date: Fri May 3 15:55:59 2013 -0500

    Read-only default domain for LDAP (bug 1168726)

    NOTE: this patch effectively *removes* a feature new in grizzly
    (multi-domain support for LDAP) in favor of fixing our existing 99% use
    case (proper read-only support for LDAP for a single domain).

    A proper fix to the above was also blocked by bug 1117356, so that's
    fixed here as well (updates properly return the resulting entities).

    Change-Id: I672b90e67545cc1fe65b05ef7f8af5b42ca6afc3

Thierry Carrez (ttx)
Changed in keystone:
milestone: havana-1 → 2013.2
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.