Roles controller 'add_role_to_user' API conflict
Bug #925496 reported by
Rafael Durán Castañeda
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Invalid
|
Undecided
|
Dolph Mathews |
Bug Description
Hi,
I've noticed that 'add_role_to_user' method from RolesController conflicts Keystone API. This method is returning just the status code and no body while others API methods updating resources returns the status code and the updated resource as body. Thus, this conflict can produce errors on some clients expecting an updated resource at body response, as it does python-
Bye
Changed in keystone: | |
assignee: | nobody → Dolph Mathews (dolph) |
To post a comment you must log in.
This behavior is by design.
The HTTP spec makes no assertions that a successful PUT operation MUST return a response body, and our specification takes advantage of that (see quotations below).
From our OS-KSADM API specification:
2.1.1.6. Add Global roles to a user:
"This operation does not require a request body and does not return a response body."
2.1.2.7. Add roles to a user on a tenant:
"This operation does not require a request body and does not return a response body."
In this specific case, the presence of a response body would be more likely attributed with a failure condition (error message).
Clients should NOT expect a response body; additionally, this behavior has recently changed in python- keystoneclient (see https:/ /github. com/openstack/ python- keystoneclient/ commit/ 2914c2b1d1e36aa 12ba5bd9b4c2ee9 b594f1a79c ).