Can edit user name, email to illegal values
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Dashboard (Horizon) |
Invalid
|
High
|
Aakash Soni | ||
OpenStack Identity (keystone) |
Fix Released
|
Undecided
|
Unassigned | ||
python-openstackclient |
Invalid
|
Undecided
|
Unassigned |
Bug Description
Under Identity > Users, you can edit usernames and emails to illegal values (string too long, invalid characters/format, etc). The test string for both email and username update is "abcdefghijklmn
This behavior is not in line with user creation's validation. When you attempt to create a user with the test string as a username or email, you get an error. This validation present during user creation does not appear to be active when editing the user's name or email.
Furthermore, when you set the user's name to the test string, you will be unable to log on using that username due to a name length issue. The test string's length is 75 characters; the horizon log-on maximum is 64.
Changed in horizon: | |
status: | New → Triaged |
importance: | Undecided → High |
Changed in horizon: | |
assignee: | nobody → Xing Chen (chen-xing) |
status: | Triaged → In Progress |
Changed in horizon: | |
assignee: | nobody → Aakash Soni (aakash-soni0308) |
Changed in keystone: | |
assignee: | sandeep nandal (nandal) → nobody |
Changed in python-openstackclient: | |
assignee: | sandeep nandal (nandal) → nobody |
Changed in horizon: | |
status: | Confirmed → Invalid |
Hello,
I cant reproduce the email part (I get a validator error) but I can the user name.
Still, why do you think that test string should be invalid? The user is created like that in keystone so it should not be an issue that you can use those characters for a user name.
+------ ------- +------ ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- -+ ------- +------ ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- -+ 6a71b961e6909b0 26 | pqrstuvwxyz! @#$%^&* ()_+1234567890- =[]\{}| ;':",./ <>? baduser2 | e918d5fd3bcc2ca 41 | pqrstuvwxyz! @#$%^&* ()_+1234567890- =[]\{}| ;':",./ <>? baduser2 | ------- +------ ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- -+
| Property | Value |
+------
| description | |
| enabled | True |
| id | 331158438bfe4ab
| name | abcdefghijklmno
| tenantId | 250ccf4b33c24af
| username | abcdefghijklmno
+------
Now, the issue with the login is true, the max char should not be limited to 64.