Possible refactor of keystone.common.validate_token_bind's code

Bug #1488451 reported by majianjun on 2015-08-25
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Identity (keystone)
Low
Steve Martinelli

Bug Description

The part original code of keystone.common.validate_token_bind function is as follows
---
def validate_token_bind(context, token_ref):
    ...
    bind = token_ref.bind

    # permissive and strict modes don't require there to be a bind
    permissive = bind_mode in ('permissive', 'strict')

    # get the named mode if bind_mode is not one of the known
    name = None if permissive or bind_mode == 'required' else bind_mode

    if not bind:
        if permissive:
            # no bind provided and none required
            return
        else:
            LOG.info(_LI("No bind information present in token"))
            raise exception.Unauthorized()
   ...
---

If the bind is None, It is not necessary to execute the "name = None if permissive or bind_mode == 'required' else bind_mode".
So It had better to adjust the sequence about the above code.
The changed code is as follows:
---
def validate_token_bind(context, token_ref):
    ...
    bind = token_ref.bind

    # permissive and strict modes don't require there to be a bind
    permissive = bind_mode in ('permissive', 'strict')

    if not bind:
        if permissive:
            # no bind provided and none required
            return
        else:
            LOG.info(_LI("No bind information present in token"))
            raise exception.Unauthorized()

    # get the named mode if bind_mode is not one of the known
    name = None if permissive or bind_mode == 'required' else bind_mode
   ...
---

majianjun (mjjun) on 2015-08-25
Changed in keystone:
assignee: nobody → majianjun (mjjun)
Dolph Mathews (dolph) wrote :

I've marked this as Low because there is no clear negative impact of the current code on end users (if there is some negative impact here, please describe it). If you're simply proposing a refactor, a bug report is unnecessary.

Changed in keystone:
importance: Undecided → Low
status: New → Triaged
summary: - It had better to change the sequence of
- keystone.common.validate_token_bind's code
+ Possible refactor of keystone.common.validate_token_bind's code
Steve Martinelli (stevemar) wrote :

as dolph said, there is no negative impact here, just propose the refactor

Fix proposed to branch: master
Review: https://review.openstack.org/251222

Changed in keystone:
assignee: majianjun (mjjun) → Steve Martinelli (stevemar)
status: Triaged → In Progress
Steve Martinelli (stevemar) wrote :

Reviewed: https://review.openstack.org/251222
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=6977f908fed3b5a64161990ad4716e3cf1f2e234
Submitter: Jenkins
Branch: master

commit 6977f908fed3b5a64161990ad4716e3cf1f2e234
Author: Steve Martinelli <email address hidden>
Date: Mon Nov 30 02:38:57 2015 -0500

    refactor: move variable to where it's needed

    the `name` variable wasn't needed before the conditional, bump
    it down.

    Change-Id: I688b6f902f40536f88f51b4e7e47d049573bdbc5
    Closes-Bug: 1488451

Changed in keystone:
status: In Progress → Fix Committed
Changed in keystone:
status: Fix Committed → Fix Released

This issue was fixed in the openstack/keystone 9.0.0.0b2 development milestone.

Changed in keystone:
milestone: none → mitaka-2
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers