OpenStack Identity (keystone)

400 Bad Request not raised for string values of 'enabled' when update a tenant

Bug #1191384 reported by Wu Wenxiang on 2013-06-15

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	OpenStack Identity (keystone)	Fix Released	Low	Wu Wenxiang	OpenStack Identity (keystone) 2013.2 "havana"

Bug Description

When update a tenant with string value of 'enable', 500 Internal Server Error raised, which should be 400 Bad Request.

Reproduce Step:
trystack@Key31:~$ curl -s -H 'Content-Type: application/json' -d '{"tenant":{"name":"test2","description":"","enabled": "true"}}' -H 'X-Auth-Token: ADMIN_TOKEN' -X POST http://localhost:35357/v2.0/tenants/7d037c0b18d34a6b9f94f2a76fad19a4 | python -mjson.tool
{
    "error": {
        "code": 500,
        "message": "An unexpected error prevented the server from fulfilling your request. invalid literal for int() with base 10: 'true' (original cause: ValueError: invalid literal for int() with base 10: 'true') 'UPDATE project SET enabled=%s WHERE project.id = %s' [{u'project_id': u'7d037c0b18d34a6b9f94f2a76fad19a4', 'enabled': u'true'}]",
        "title": "Internal Server Error"
    }
}

Log:
2013-06-16 03:00:43 ERROR [keystone.common.wsgi] invalid literal for int() with base 10: 'true' (original cause: ValueError: invalid literal for int() with base 10: 'true') 'UPDATE project SET enabled=%s WHERE project.id = %s' [{u'project_id': u'7d037c0b18d34a6b9f94f2a76fad19a4', 'enabled': u'true'}]
Traceback (most recent call last):
  File "/home/trystack/src/keystone/keystone/common/wsgi.py", line 183, in __call__
    result = method(context, **params)
  File "/home/trystack/src/keystone/keystone/identity/controllers.py", line 115, in update_project
    context, tenant_id, clean_tenant)
  File "/home/trystack/src/keystone/keystone/common/manager.py", line 47, in _wrapper
    return f(*args, **kw)
  File "/home/trystack/src/keystone/keystone/common/sql/core.py", line 273, in wrapper
    return method(*args, **kwargs)
  File "/home/trystack/src/keystone/keystone/identity/backends/sql.py", line 470, in update_project
    session.flush()
  File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/orm/session.py", line 1718, in flush
    self._flush(objects)
  File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/orm/session.py", line 1789, in _flush
    flush_context.execute()
  File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/orm/unitofwork.py", line 331, in execute
    rec.execute(self)
  File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/orm/unitofwork.py", line 475, in execute
    uow
  File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/orm/persistence.py", line 59, in save_obj
    mapper, table, update)
  File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/orm/persistence.py", line 485, in _emit_update_statements
    execute(statement, params)
  File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/engine/base.py", line 1449, in execute
    params)
  File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/engine/base.py", line 1584, in _execute_clauseelement
    compiled_sql, distilled_params
  File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/engine/base.py", line 1651, in _execute_context
    None, None)
  File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/engine/base.py", line 1647, in _execute_context
    context = constructor(dialect, self, conn, *args)
  File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/engine/default.py", line 463, in _init_compiled
    param.append(processors[key](compiled_params[key]))
  File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/processors.py", line 42, in boolean_to_int
    return int(value)
StatementError: invalid literal for int() with base 10: 'true' (original cause: ValueError: invalid literal for int() with base 10: 'true') 'UPDATE project SET enabled=%s WHERE project.id = %s' [{u'project_id': u'7d037c0b18d34a6b9f94f2a76fad19a4', 'enabled': u'true'}]

Wu Wenxiang (wu-wenxiang) on 2013-06-15

Changed in keystone:
assignee:	nobody → Wu Wenxiang (wu-wenxiang)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2013-06-15: Fix proposed to keystone (master)

Fix proposed to branch: master
Review: https://review.openstack.org/33173

Changed in keystone:
status:	New → In Progress

Dolph Mathews (dolph) on 2013-06-15

Changed in keystone:
importance:	Undecided → Low

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2013-06-17: Fix merged to keystone (master)

Reviewed: https://review.openstack.org/33173
Committed: http://github.com/openstack/keystone/commit/76e3183ead6ac52fc744f51313bc0fd3b5f4d610
Submitter: Jenkins
Branch: master

commit 76e3183ead6ac52fc744f51313bc0fd3b5f4d610
Author: Wu Wenxiang <wu.wenxiang@99cloud.net>
Date: Sun Jun 16 04:18:05 2013 +0800

Http 400 when project enabled is not a boolean

Having enabled="true" in json data when updating tenant will produce 500

    When updating a project, no type check was performed on the enabled
    attribute. Therefore, if enabled value in JSON/XML is not a boolean but
    a string, keystone responds with an incorrect Http 500 error code and
    the stacktrace.

    The change introduces a type validation of the enabled attribute at
    identity manager. If the type is not a boolean, keystone now returns an
    appropriate Http 400 error code with a message pointing a bad format for
    the attribute.

    Test cases have been added to file test_backend and test_content_types
    for testing the case when enabled attribute is a string or int when
    updating project.

Fixes bug #1191384

Change-Id: I86dd7e71d4bac1e3fd6fcabaa1a2136a47722e5f