OpenStack Identity (keystone)

  1. Bug #1309228
  2. Comment #41

Comment 41 for bug 1309228

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to keystone (stable/icehouse)

Reviewed: https://review.openstack.org/94397
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=786af9829c5329a982e3451f77afebbfb21850bd
Submitter: Jenkins
Branch: stable/icehouse

commit 786af9829c5329a982e3451f77afebbfb21850bd
Author: Brant Knudson <email address hidden>
Date: Fri Apr 18 11:18:42 2014 -0500

    SQL and LDAP fixes for get_roles_for_user_and_project user=group ID

    When there was a role assigned to a group with the same ID as a user,
    the SQL and LDAP assignment backends would incorrectly return the
    assignment to the group when requesting roles for the user via the
    get_roles_for_user_and_project method.

    With this change, assignments to a group with the same ID are not
    returned for the user when calling get_roles_for_user_and_project.

    Functions were added to compare DNs more accurately based on the
    LDAP RFCs.

    The fakeldap code was changed to normalize the values when
    comparing values for checking if the values match the filter.

    Co-Authored By: Nathan Kinder <email address hidden>
    Co-Authored By: Adam Young <email address hidden>

    Change-Id: Id3d6f66c995e65e37d909359420d71ecdde86b69
    Closes-Bug: #1309228