Activity log for bug #1446834
| Date | Who | What changed | Old value | New value | Message |
|---|---|---|---|---|---|
| 2015-04-21 19:55:37 | David Stanek | bug | added bug | ||
| 2015-04-21 19:57:35 | David Stanek | description | The keystone.resource.backends.sql.Resource.list_projects_in_subtree method tries to check for cycles in the project hierarchy. It's doing it wrong. This was not caught because there are no tests for it because you can't actually create cycles through the API. There are two things we can do here: 1. Be satisfied that we don't allow cycles and remove the checks 2. Fix then and mock out the tests to fabricate cycles | The keystone.resource.backends.sql.Resource.list_projects_in_subtree method tries to check for cycles in the project hierarchy. It's doing it wrong. This was not caught because there are no tests for it because you can't actually create cycles through the API. There are two things we can do here: 1. Be satisfied that we don't allow cycles and remove the checks 2. Fix then and mock out the tests to fabricate cycles Specific problems: bug1: http://git.openstack.org/cgit/openstack/keystone/tree/keystone/resource/backends/sql.py#n97 - not creating a set properly ug2: http://git.openstack.org/cgit/openstack/keystone/tree/keystone/resource/backends/sql.py#n109 - set.union returns a new set; should be set.update() | |
| 2015-04-21 19:57:51 | Rodrigo Duarte | description | The keystone.resource.backends.sql.Resource.list_projects_in_subtree method tries to check for cycles in the project hierarchy. It's doing it wrong. This was not caught because there are no tests for it because you can't actually create cycles through the API. There are two things we can do here: 1. Be satisfied that we don't allow cycles and remove the checks 2. Fix then and mock out the tests to fabricate cycles Specific problems: bug1: http://git.openstack.org/cgit/openstack/keystone/tree/keystone/resource/backends/sql.py#n97 - not creating a set properly ug2: http://git.openstack.org/cgit/openstack/keystone/tree/keystone/resource/backends/sql.py#n109 - set.union returns a new set; should be set.update() | The keystone.resource.backends.sql.Resource.list_projects_in_subtree method tries to check for cycles in the project hierarchy [1]. It's doing it wrong. This was not caught because there are no tests for it because you can't actually create cycles through the API. There are two things we can do here: 1. Be satisfied that we don't allow cycles and remove the checks 2. Fix then and mock out the tests to fabricate cycles [1] https://github.com/openstack/keystone/blob/master/keystone/resource/backends/sql.py#L97 | |
| 2015-04-21 19:57:59 | Rodrigo Duarte | keystone: status | New | Confirmed | |
| 2015-04-21 20:01:17 | David Stanek | keystone: assignee | David Stanek (dstanek) | ||
| 2015-04-22 13:22:36 | OpenStack Infra | keystone: status | Confirmed | In Progress | |
| 2015-04-23 14:49:00 | Dolph Mathews | keystone: importance | Undecided | Low | |
| 2015-04-25 01:57:52 | OpenStack Infra | keystone: status | In Progress | Fix Committed | |
| 2015-04-27 17:33:59 | Lin Hua Cheng | keystone: milestone | liberty-1 | ||
| 2015-06-23 18:10:11 | Doug Hellmann | keystone: status | Fix Committed | Fix Released | |
| 2015-10-15 09:56:08 | Thierry Carrez | keystone: milestone | liberty-1 | 8.0.0 |
