OpenStack Identity (keystone)

  1. Bug #999594
  2. Comment #5

Comment 5 for bug 999594

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to keystone (master)

Reviewed: https://review.openstack.org/9009
Committed: http://github.com/openstack/keystone/commit/7297afc75dd94771d5054daa20b1aa10aa5667d2
Submitter: Jenkins
Branch: master

commit 7297afc75dd94771d5054daa20b1aa10aa5667d2
Author: Vincent Untz <email address hidden>
Date: Tue Jun 26 17:04:08 2012 +0200

    Return a 409 error when adding a second time a role to user/tenant

    Fix bug 999594.

    When a user/tenant pair already has a role and there is a request to add
    the role to the pair, we can choose to either return 200 and let the
    client feel it's alright to do so, or return a 409 error (Conflict) to
    inform the client of the pre-existing role for the pair. I feel the
    latter is a bit more appropriate.

    The KVS and the pam backends were simply accepting the request, while
    the LDAP backend was raising an error. So be consistent, and always
    return 409.

    Change-Id: I7328d2932f6907d48e6422674eeeee22dc7a7149