any value for quota project id can be updated

Bug #1037373 reported by Zhou ShaoYu
This bug affects 3 people
Affects: OpenStack Compute (nova)
Status: Confirmed
Importance: Low
Assigned to: Eoghan Glynn
Milestone:

Bug Description

No check for whether the tenant id exists, like "axx" in the request URL that follows:
curl -X "PUT" -H "x-auth-token:33fcd117c0864a85b63bb4da3194f6c1" -H "Content-type:application/json" -d '{"quota_set":{"injected_file_content_bytes":-1}}' http://localhost:8774/v2/149696bd1d1941afbeeb986b4e0fa75a/os-quota-sets/axx

Eoghan Glynn (eglynn)
Changed in nova:
assignee: nobody → Eoghan Glynn (eglynn)
status: New → Confirmed
Eoghan Glynn (eglynn) wrote :

The main issues here are:

 (a) DB pollution with the quota bounding a non-existent project that never gets enforced

 (b) the lack of feedback when a user fat-fingers the project ID in a call to nova-manage setting the quota

Other than that, there are no ill-effects that I can see, but it certainly should be fixed in any case for Folsom.

Changed in nova:
importance: Undecided → Low
milestone: none → folsom-rc1
Eoghan Glynn (eglynn)
Changed in nova:
status: Confirmed → In Progress
Eoghan Glynn (eglynn) wrote :

OK, so it turns out that this is problematic for two reasons:

1. In the keystone auth case, the configuration required to validate the tenant ID is bound to paste config for the keystone auth_token middleware, as opposed to general nova configuration. This config should be refactored so that it's located in the general nova.conf, to avoid the need for users to ever edit paste config, and also to make it available to other nova code (such as the quota project ID validation case at hand). While this change is warranted, it's out of scope for Folsom at this late stage.

2. In the noauth case, the project ID can be any value whatsoever, so the validation doesn't arise and wouldn't add any value. It's currently not easily detectable within an API extension whether noauth is being used, as the context is populated in any case with auth-related headers.

For the reasons set out above, let's punt this issue to Grizzly-1.

Changed in nova:
milestone: folsom-rc1 → none
status: In Progress → Confirmed
David Geng (genggjh) wrote :

Hi Eoghan, what's the progress of this issue? Many testers in our project are complaining about this bad user experience.
When updating the quota we have to provide the exact tenant id, and without any validation, once we provide a tenant name or a wrong tenant id, the quota can not be updated as exception.

Thang Pham (thang-pham) wrote :

There is a blueprint to validate tenant and user IDs that is pending: https://blueprints.launchpad.net/nova/+spec/validate-tenant-user-with-keystone. It should resolve this bug as well as many other identical bugs.
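
The validation discussed in this thread, as an added example that is not part of the bug report and not nova code: a quota update that rejects unknown project IDs, skips the check in the noauth case, and a scan for quota rows already bound to non-existent projects. All function names, the status codes chosen and the in-memory data are assumptions made for illustration.

```python
# Added illustration: all names are hypothetical; this is not nova code.

# Constructed sample data: the only project the stand-in identity service knows.
KNOWN_PROJECTS = {"149696bd1d1941afbeeb986b4e0fa75a"}


class IdentityUnavailable(Exception):
    """The identity service could not be reached."""


def keystone_lookup(project_id):
    """Stand-in for an identity-service query; True if the project exists."""
    return project_id in KNOWN_PROJECTS


def update_quota(db, project_id, quota_set, project_exists=keystone_lookup):
    """Apply quota_set to project_id and return an HTTP-style status code.

    project_exists=None models the noauth case, where any project ID is
    accepted and validation adds nothing.
    """
    if project_exists is not None:
        try:
            known = project_exists(project_id)
        except IdentityUnavailable:
            return 503  # fail closed: no write when validation cannot run
        if not known:
            return 404  # feedback for a mistyped ID instead of a silent write
    db.setdefault(project_id, {}).update(quota_set)
    return 200


def orphaned_quotas(db, project_exists=keystone_lookup):
    """List project IDs that have quota rows but no matching project (issue (a))."""
    return sorted(pid for pid in db if not project_exists(pid))
```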
