OpenStack Identity (keystone)

cadf payload doesn't have initiator for v2 calls

Bug #1485035 reported by Haneef Ali on 2015-08-14

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	OpenStack Identity (keystone)	Fix Released	Medium	Sam Leong	OpenStack Identity (keystone) mitaka-1 "m1"
	Kilo	Fix Released	Undecided	Unassigned	OpenStack Identity (keystone) 2015.1.3

Bug Description

CADF payload doesn't have initiator for any of the v2 calls.

e.g
   1) v2 update user
   2) This internally calls identity_driver.update_user without imitator argument which is a default argument initialized to None
   3) If we call v3 update user, then we pass initiator. So cadf payload for v3 has initiator

Tags:

Revision history for this message

Dolph Mathews (dolph) wrote on 2015-08-14:

imitator == initiator?

It would be a major refactor, but if we passed context to the managers, then we could wrap all the manager methods at once with auditing notifications and cover both APIs.

Changed in keystone:
importance:	Undecided → Medium
status:	New → Triaged

Sam Leong (chio-fai-sam-leong) on 2015-08-31

Changed in keystone:
assignee:	nobody → Sam Leong (chio-fai-sam-leong)

Revision history for this message

Steve Martinelli (stevemar) wrote on 2015-09-19:

mfisch from twc also asked about this, might be worth squeezing in before rc is cut

Revision history for this message

Sam Leong (chio-fai-sam-leong) wrote on 2015-09-19:

Sure, will try to make a patch before the mid of next week.

Revision history for this message

Steve Martinelli (stevemar) wrote on 2015-09-28:

@sam, i didn't realize you were working on this, i wrote a small patch during a flight and plan on posting it, please review/iterate

Revision history for this message

Sam Leong (chio-fai-sam-leong) wrote on 2015-09-28:

Steve, no problem. I was busy with the other stuffs anyway and just tried to write up some test cases. Anyway, that's fine and I will review your patch. Please post it, thx!

Revision history for this message

Sam Leong (chio-fai-sam-leong) wrote on 2015-10-05:

@steve, how's your progress with your patch? do you have it posted soon? I have a chance to work on it now if you like, I will just need to add few more tests. Let me know.

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-10-05: Fix proposed to keystone (master)

Fix proposed to branch: master
Review: https://review.openstack.org/231123

Changed in keystone:
assignee:	Sam Leong (chio-fai-sam-leong) → Steve Martinelli (stevemar)
status:	Triaged → In Progress

OpenStack Infra (hudson-openstack) on 2015-10-07

Changed in keystone:
assignee:	Steve Martinelli (stevemar) → Sam Leong (chio-fai-sam-leong)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-10-15: Fix merged to keystone (master)

Reviewed: https://review.openstack.org/231123
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=84b2285a1e1e52213f629d1c54a86eb7565142e4
Submitter: Jenkins
Branch: master

commit 84b2285a1e1e52213f629d1c54a86eb7565142e4
Author: Steve Martinelli <email address hidden>
Date: Sun Sep 27 15:31:57 2015 -0400

add initiator to v2 calls for additional auditing

currently notifications are emitted for v2 calls, but the
initiator field is not filled in.

Co-authored-by: sam leong <email address hidden>

Change-Id: Ie2c3fe8d105d59ab89b7f6625e159d4eb6e923b0
Closes-Bug: #1485035

Changed in keystone:
status:	In Progress → Fix Committed

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-10-16: Fix proposed to keystone (stable/kilo)

Fix proposed to branch: stable/kilo
Review: https://review.openstack.org/236069

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-10-16: Fix proposed to keystone (stable/liberty)

#10

Fix proposed to branch: stable/liberty
Review: https://review.openstack.org/236146

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-11-13: Fix merged to keystone (stable/kilo)

#11

Reviewed: https://review.openstack.org/236069
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=a8d94f3795cf3ac2b55fa61adf31cbfab40ca82d
Submitter: Jenkins
Branch: stable/kilo

commit a8d94f3795cf3ac2b55fa61adf31cbfab40ca82d
Author: Steve Martinelli <email address hidden>
Date: Sun Sep 27 15:31:57 2015 -0400

add initiator to v2 calls for additional auditing

currently notifications are emitted for v2 calls, but the
initiator field is not filled in.

Conflicts:
keystone/resource/controllers.py

Co-authored-by: sam leong <email address hidden>

    Change-Id: Ie2c3fe8d105d59ab89b7f6625e159d4eb6e923b0
    Closes-Bug: #1485035
    (cherry picked from commit 84b2285a1e1e52213f629d1c54a86eb7565142e4)

tags:

added: in-stable-kilo

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-11-17: Fix merged to keystone (stable/liberty)

#12

Reviewed: https://review.openstack.org/236146
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=529cd551cdc72ac22358f44d8978469145b0fccf
Submitter: Jenkins
Branch: stable/liberty

commit 529cd551cdc72ac22358f44d8978469145b0fccf
Author: Steve Martinelli <email address hidden>
Date: Sun Sep 27 15:31:57 2015 -0400

add initiator to v2 calls for additional auditing

currently notifications are emitted for v2 calls, but the
initiator field is not filled in.

Co-authored-by: sam leong <email address hidden>

    Change-Id: Ie2c3fe8d105d59ab89b7f6625e159d4eb6e923b0
    Closes-Bug: #1485035
    (cherry picked from commit 84b2285a1e1e52213f629d1c54a86eb7565142e4)

tags:

added: in-stable-liberty

Steve Martinelli (stevemar) on 2015-12-01

Changed in keystone:
milestone:	none → mitaka-1

Revision history for this message

Thierry Carrez (ttx) wrote on 2015-12-03: Fix included in openstack/keystone 9.0.0.0b1

#13

This issue was fixed in the openstack/keystone 9.0.0.0b1 development milestone.

Doug Hellmann (doug-hellmann) on 2015-12-03

Changed in keystone:
status:	Fix Committed → Fix Released

Revision history for this message

Thierry Carrez (ttx) wrote on 2015-12-10: Fix included in openstack/keystone 8.0.1

#14

This issue was fixed in the openstack/keystone 8.0.1 release.

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.