commit f3b5854d1fc46d60c40717b01ddb379b7eb9d609
Author: Zane Bitter <zbitter@redhat.com>
Date:   Wed Jan 11 15:50:06 2017 -0500

    Don't allow the user to pass in a trust ID
    
    Since Aodh uses trust IDs stored in alarm URLs unconditionally - without
    checking for tenant safety - it is not safe to allow users to pass in their
    own trust IDs. Forbid this and allow only trusts created by Aodh to be
    used. It is highly unlikely that there is any (legitimate) use of this
    feature in the wild, since allowing Aodh to create the trust is easier
    anyway.
    
    Change-Id: Icbe8d7f59dc863a5f5cb8829910a6614f9fb5a07
    Closes-Bug: #1649333

diff --git a/aodh/api/controllers/v2/alarms.py b/aodh/api/controllers/v2/alarms.py
index 9e5a68a..21fc07c 100644
--- a/aodh/api/controllers/v2/alarms.py
+++ b/aodh/api/controllers/v2/alarms.py
@@ -420,7 +420,8 @@ class Alarm(base.Base):
                     url = netutils.urlsplit(action)
                     if self._is_trust_url(url):
                         if '@' in url.netloc:
-                            continue
+                            errmsg = _("trust URL cannot contain a trust ID.")
+                            raise base.ClientSideError(errmsg)
                         if trust_id is None:
                             # We have a trust action without a trust ID,
                             # create it
diff --git a/aodh/notifier/trust.py b/aodh/notifier/trust.py
index 0cf24c3..1cbc38d 100644
--- a/aodh/notifier/trust.py
+++ b/aodh/notifier/trust.py
@@ -55,5 +55,5 @@ class TrustRestAlarmNotifier(TrustAlarmNotifierMixin, rest.RestAlarmNotifier):
     keystone authentication. It uses the aodh service user to
     authenticate using the trust ID provided.
 
-    The URL must be in the form ``trust+http://trust-id@host/action``.
+    The URL must be in the form ``trust+http://host/action``.
     """
diff --git a/aodh/notifier/zaqar.py b/aodh/notifier/zaqar.py
index 92ef162..24c2769 100644
--- a/aodh/notifier/zaqar.py
+++ b/aodh/notifier/zaqar.py
@@ -194,7 +194,7 @@ class TrustZaqarAlarmNotifier(trust.TrustAlarmNotifierMixin,
                               ZaqarAlarmNotifier):
     """Zaqar notifier using a Keystone trust to post to user-defined queues.
 
-    The URL must be in the form ``trust+zaqar://trust_id@?queue_name=example``.
+    The URL must be in the form ``trust+zaqar://?queue_name=example``.
     """
 
     def _get_client_conf(self, auth_token):