[Yahoo-eng-team] [Bug 1294356] Re: improper validation allows for 500 during create role
This is now fixed by json shema, for the invalid data it now returns 400
error
Here is the test result:
curl -g -i -X POST http://10.0.2.15:35357/v2.0/OS-KSADM/roles -H "User-Agent:
python-keystoneclient" -H "Content-Type: application/json" -H "Accept:
application/json" -H "X-Auth-Token: " -d '{"role": {"role": "name"}}'
HTTP/1.1 400 Bad Request
Vary: X-Auth-Token
Content-Type: application/json
Content-Length: 105
Date: Sun, 15 Feb 2015 05:12:50 GMT
{"error": {"message": "Name field is required and cannot be empty",
"code": 400, "title": "Bad Request"}}
** Changed in: keystone
Status: Triaged => Invalid
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1294356
Title:
improper validation allows for 500 during create role
Status in OpenStack Identity (Keystone):
Invalid
Bug description:
Improper validation allows for requests to cause 500s.
POST /v2.0/OS-KSADM/roles HTTP/1.1
Host: 10.127.101.67:35357
Content-Length: 22
Content-Type: application/json
Accept-Encoding: gzip, deflate, compress
Accept: */*
X-Auth-Token:
User-Agent: python-requests/2.2.1 CPython/2.7.4 Linux/3.13.0-17-generic
{
"role": "name"
}
HTTP/1.1 500 Internal Server Error
Vary: X-Auth-Token
Content-Type: application/json
Content-Length: 189
Date: Tue, 18 Mar 2014 19:36:05 GMT
{"error": {"message": "An unexpected error prevented the server from
fulfilling your request. 'unicode' object has no attribute
'iteritems'", "code": 500, "title": "Internal Server Error"}}
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1294356/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : yahoo-eng-team@lists.launchpad.net
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
[Yahoo-eng-team] [Bug 1422049] [NEW] Security group checking action permissions raise error
Public bug reported: When using nova-network, I got the output on horizon: [Sun Feb 15 02:48:41.965163 2015] [:error] [pid 21259:tid 140656137611008] Error while checking action permissions. [Sun Feb 15 02:48:41.965184 2015] [:error] [pid 21259:tid 140656137611008] Traceback (most recent call last): [Sun Feb 15 02:48:41.965193 2015] [:error] [pid 21259:tid 140656137611008] File "/opt/stack/horizon/openstack_dashboard/wsgi/../../horizon/tables/base.py", line 1260, in _filter_action [Sun Feb 15 02:48:41.965199 2015] [:error] [pid 21259:tid 140656137611008] return action._allowed(request, datum) and row_matched [Sun Feb 15 02:48:41.965205 2015] [:error] [pid 21259:tid 140656137611008] File "/opt/stack/horizon/openstack_dashboard/wsgi/../../horizon/tables/actions.py", line 137, in _allowed [Sun Feb 15 02:48:41.965211 2015] [:error] [pid 21259:tid 140656137611008] return self.allowed(request, datum) [Sun Feb 15 02:48:41.965440 2015] [:error] [pid 21259:tid 140656137611008] File "/opt/stack/horizon/openstack_dashboard/wsgi/../../openstack_dashboard/dashboards/project/access_and_security/security_groups/tables.py", line 83, in allowed [Sun Feb 15 02:48:41.965457 2015] [:error] [pid 21259:tid 140656137611008] if usages['security_groups']['available'] <= 0: [Sun Feb 15 02:48:41.965466 2015] [:error] [pid 21259:tid 140656137611008] KeyError: 'available' [Sun Feb 15 02:48:41.986480 2015] [:error] [pid 21259:tid 140656137611008] Error while checking action permissions. [Sun Feb 15 02:48:41.986533 2015] [:error] [pid 21259:tid 140656137611008] Traceback (most recent call last): [Sun Feb 15 02:48:41.986569 2015] [:error] [pid 21259:tid 140656137611008] File "/opt/stack/horizon/openstack_dashboard/wsgi/../../horizon/tables/base.py", line 1260, in _filter_action [Sun Feb 15 02:48:41.986765 2015] [:error] [pid 21259:tid 140656137611008] return action._allowed(request, datum) and row_matched [Sun Feb 15 02:48:41.986806 2015] [:error] [pid 21259:tid 140656137611008] File "/opt/stack/horizon/openstack_dashboard/wsgi/../../horizon/tables/actions.py", line 137, in _allowed [Sun Feb 15 02:48:41.986841 2015] [:error] [pid 21259:tid 140656137611008] return self.allowed(request, datum) [Sun Feb 15 02:48:41.987010 2015] [:error] [pid 21259:tid 140656137611008] File "/opt/stack/horizon/openstack_dashboard/wsgi/../../openstack_dashboard/dashboards/project/access_and_security/security_groups/tables.py", line 83, in allowed [Sun Feb 15 02:48:41.987051 2015] [:error] [pid 21259:tid 140656137611008] if usages['security_groups']['available'] <= 0: [Sun Feb 15 02:48:41.987088 2015] [:error] [pid 21259:tid 140656137611008] KeyError: 'available' ** Affects: horizon Importance: Undecided Assignee: qiaojian (qiaojian) Status: New ** Changed in: horizon Assignee: (unassigned) => qiaojian (qiaojian) -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Dashboard (Horizon). https://bugs.launchpad.net/bugs/1422049 Title: Security group checking action permissions raise error Status in OpenStack Dashboard (Horizon): New Bug description: When using nova-network, I got the output on horizon: [Sun Feb 15 02:48:41.965163 2015] [:error] [pid 21259:tid 140656137611008] Error while checking action permissions. [Sun Feb 15 02:48:41.965184 2015] [:error] [pid 21259:tid 140656137611008] Traceback (most recent call last): [Sun Feb 15 02:48:41.965193 2015] [:error] [pid 21259:tid 140656137611008] File "/opt/stack/horizon/openstack_dashboard/wsgi/../../horizon/tables/base.py", line 1260, in _filter_action [Sun Feb 15 02:48:41.965199 2015] [:error] [pid 21259:tid 140656137611008] return action._allowed(request, datum) and row_matched [Sun Feb 15 02:48:41.965205 2015] [:error] [pid 21259:tid 140656137611008] File "/opt/stack/horizon/openstack_dashboard/wsgi/../../horizon/tables/actions.py", line 137, in _allowed [Sun Feb 15 02:48:41.965211 2015] [:error] [pid 21259:tid 140656137611008] return self.allowed(request, datum) [Sun Feb 15 02:48:41.965440 2015] [:error] [pid 21259:tid 140656137611008] File "/opt/stack/horizon/openstack_dashboard/wsgi/../../openstack_dashboard/dashboards/project/access_and_security/security_groups/tables.py", line 83, in allowed [Sun Feb 15 02:48:41.965457 2015] [:error] [pid 21259:tid 140656137611008] if usages['security_groups']['available'] <= 0: [Sun Feb 15 02:48:41.965466 2015] [:error] [pid 21259:tid 140656137611008] KeyError: 'available' [Sun Feb 15 02:48:41.986480 2015] [:error] [pid 21259:tid 140656137611008] Error while checking action permissions. [Sun Feb 15 02:48:41.986533 2015] [:error] [pid 21259:tid 140656137611008] Traceback (most recent call last): [Sun Feb 15 02:48:41.986569 2015] [:error] [pid 21259:tid 140656137611008] File "/opt/stack/horizon/openstack_dashboard/wsgi/../../horizon
[Yahoo-eng-team] [Bug 1388698] Re: dhcp_agents_per_network does not work appropriately.
This bug is fixed by [1] https://review.openstack.org/#/c/131150/ ** Changed in: neutron Status: In Progress => Invalid -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron. https://bugs.launchpad.net/bugs/1388698 Title: dhcp_agents_per_network does not work appropriately. Status in OpenStack Neutron (virtual network service): Invalid Bug description: Hi, I want to ask about dhcp_agents_per_network option in neutron.conf. That's instruction is in neutron.conf - # Number of DHCP agents scheduled to host a network. This enables redundant # DHCP agents for configured networks. # dhcp_agents_per_network = 1 dhcp_agents_per_network = 1 - I hit situation that network is hosted by multiple dhcp-agents evenif dhcp_agents_per_network = 1. I think dhcp_agents_per_network does not work appropriately. The procedure are as follows. Conditions: A) multiple network nodes. B) dhcp-agents are alives in each network nodes. C) one network is hosted by one dhcp-agent. ex: network node1: dhcp-agent1 hosts network1 and network2. network node2: dhcp-agent2 hosts no network. procedures: 1) stop dhcp-agent1 and dhcp-agent2. 2) start dhcp-agent2. result: network node1: dhcp-agent1 hosts network1 and network2. network node2: dhcp-agent2 hosts network1 and network2. dnsmasq hosting network1 boots on network node1 and 2. also, dnsmasq hosting network2 boots on network node1 and 2. dhcp_agents_per_network option means "active_dhcp_agents_per_network" or "dhcp_agents_per_network"? To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1388698/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
[Yahoo-eng-team] [Bug 1422048] [NEW] host_state.limits don't automatically update in filters
Public bug reported: host_state.limits don't update in the resources refresh process and only update using the filters. The implementation will encounter a problem in the following scene: When creating a vm by specifying a host and the host has insufficient resouces, the user can scale resources by hand, such as the disk is insufficient. The resources scaled by hand can be able to refresh db, but the host_state.limits are not refreshed. At this time, if we creating a vm by specifying a host, it can't create a vm successfully because of the host_state.limits ** Affects: nova Importance: Undecided Status: New -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Compute (nova). https://bugs.launchpad.net/bugs/1422048 Title: host_state.limits don't automatically update in filters Status in OpenStack Compute (Nova): New Bug description: host_state.limits don't update in the resources refresh process and only update using the filters. The implementation will encounter a problem in the following scene: When creating a vm by specifying a host and the host has insufficient resouces, the user can scale resources by hand, such as the disk is insufficient. The resources scaled by hand can be able to refresh db, but the host_state.limits are not refreshed. At this time, if we creating a vm by specifying a host, it can't create a vm successfully because of the host_state.limits To manage notifications about this bug go to: https://bugs.launchpad.net/nova/+bug/1422048/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
[Yahoo-eng-team] [Bug 1421999] [NEW] Create & Edit Project is Broken
Public bug reported: Goto Identity -> Projects and the click on "create Project". It gives an error "An Error occured. Please try again later.". This is happening because code is not able to find the "_member_" user in the keystone. [Sat Feb 14 18:18:54.223434 2015] [:error] [pid 8690:tid 140651877480192] File "/usr/local/lib/python2.7/dist-packages/django/template/debug.py", line 78, in render_node [Sat Feb 14 18:18:54.223572 2015] [:error] [pid 8690:tid 140651877480192] return node.render(context) [Sat Feb 14 18:18:54.223697 2015] [:error] [pid 8690:tid 140651877480192] File "/usr/local/lib/python2.7/dist-packages/django/template/defaulttags.py", line 196, in render [Sat Feb 14 18:18:54.223837 2015] [:error] [pid 8690:tid 140651877480192] nodelist.append(node.render(context)) [Sat Feb 14 18:18:54.224005 2015] [:error] [pid 8690:tid 140651877480192] File "/usr/local/lib/python2.7/dist-packages/django/template/defaulttags.py", line 298, in render [Sat Feb 14 18:18:54.224158 2015] [:error] [pid 8690:tid 140651877480192] match = condition.eval(context) [Sat Feb 14 18:18:54.224330 2015] [:error] [pid 8690:tid 140651877480192] File "/usr/local/lib/python2.7/dist-packages/django/template/defaulttags.py", line 867, in eval [Sat Feb 14 18:18:54.224517 2015] [:error] [pid 8690:tid 140651877480192] return self.value.resolve(context, ignore_failures=True) [Sat Feb 14 18:18:54.225774 2015] [:error] [pid 8690:tid 140651877480192] File "/usr/local/lib/python2.7/dist-packages/django/template/base.py", line 585, in resolve [Sat Feb 14 18:18:54.226659 2015] [:error] [pid 8690:tid 140651877480192] obj = self.var.resolve(context) [Sat Feb 14 18:18:54.226931 2015] [:error] [pid 8690:tid 140651877480192] File "/usr/local/lib/python2.7/dist-packages/django/template/base.py", line 735, in resolve [Sat Feb 14 18:18:54.227073 2015] [:error] [pid 8690:tid 140651877480192] value = self._resolve_lookup(context) [Sat Feb 14 18:18:54.227153 2015] [:error] [pid 8690:tid 140651877480192] File "/usr/local/lib/python2.7/dist-packages/django/template/base.py", line 789, in _resolve_lookup [Sat Feb 14 18:18:54.227271 2015] [:error] [pid 8690:tid 140651877480192] current = current() [Sat Feb 14 18:18:54.227349 2015] [:error] [pid 8690:tid 140651877480192] File "/opt/stack/horizon/openstack_dashboard/wsgi/../../horizon/workflows/base.py", line 439, in has_required_fields [Sat Feb 14 18:18:54.227433 2015] [:error] [pid 8690:tid 140651877480192] return any(field.required for field in self.action.fields.values()) [Sat Feb 14 18:18:54.227516 2015] [:error] [pid 8690:tid 140651877480192] File "/opt/stack/horizon/openstack_dashboard/wsgi/../../horizon/workflows/base.py", line 368, in action [Sat Feb 14 18:18:54.227599 2015] [:error] [pid 8690:tid 140651877480192] context) [Sat Feb 14 18:18:54.227673 2015] [:error] [pid 8690:tid 140651877480192] File "/opt/stack/horizon/openstack_dashboard/wsgi/../../openstack_dashboard/dashboards/identity/projects/workflows.py", line 204, in __init__ [Sat Feb 14 18:18:54.227758 2015] [:error] [pid 8690:tid 140651877480192] redirect=reverse(INDEX_URL)) [Sat Feb 14 18:18:54.227848 2015] [:error] [pid 8690:tid 140651877480192] File "/opt/stack/horizon/openstack_dashboard/wsgi/../../horizon/exceptions.py", line 364, in handle [Sat Feb 14 18:18:54.227978 2015] [:error] [pid 8690:tid 140651877480192] six.reraise(exc_type, exc_value, exc_traceback) [Sat Feb 14 18:18:54.228069 2015] [:error] [pid 8690:tid 140651877480192] File "/opt/stack/horizon/openstack_dashboard/wsgi/../../openstack_dashboard/dashboards/identity/projects/workflows.py", line 200, in __init__ [Sat Feb 14 18:18:54.228155 2015] [:error] [pid 8690:tid 140651877480192] raise exceptions.NotFound(msg) [Sat Feb 14 18:18:54.228230 2015] [:error] [pid 8690:tid 140651877480192] NotFound: Could not find default role "_member_" in Keystone And when i queried Keystone api for the role-list, the _member_ was missing. stack@ubuntu:~/devstack$ keystone role-list +--+-+ |id| name | +--+-+ | beb167e318c24a91a03b35ceb727691b | Member | | 0e89a82771144ac4997dfd5a3348bbb6 | ResellerAdmin | | 8b4e346d05164038a17b750c6ea8e5ed | admin | | 2f096118163e4914bb91fd63283accd5 | anotherrole | | 20126fa129714525b759b82c0ee1b558 | heat_stack_user | | 19b00836ac9d441b811baaafa06b49be | service | +--+-+ ** Affects: horizon Importance: Undecided Assignee: Nikunj Aggarwal (nikunj2512) Status: New ** Changed in: horizon Assignee: (unassigned) => Nikunj Aggarwal (nikunj2512) -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Dashboard (Horizon). https://bugs.
[Yahoo-eng-team] [Bug 1421971] [NEW] get_endpoint_group_in_project missing from sample policy files
Public bug reported:
We've got an mapping for "get_endpoint_group_in_project", which maps to
GET /v3/OS-EP-
FILTER/endpoint_groups/{endpoint_group_id}/projects/{project_id}, but
it's not a target in the sample policy files. All the operations should
be in the sample policy file so admins know what's available.
** Affects: keystone
Importance: Undecided
Assignee: Brant Knudson (blk-u)
Status: New
** Changed in: keystone
Assignee: (unassigned) => Brant Knudson (blk-u)
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1421971
Title:
get_endpoint_group_in_project missing from sample policy files
Status in OpenStack Identity (Keystone):
New
Bug description:
We've got an mapping for "get_endpoint_group_in_project", which maps
to GET /v3/OS-EP-
FILTER/endpoint_groups/{endpoint_group_id}/projects/{project_id}, but
it's not a target in the sample policy files. All the operations
should be in the sample policy file so admins know what's available.
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1421971/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : yahoo-eng-team@lists.launchpad.net
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
[Yahoo-eng-team] [Bug 1421966] [NEW] Getting role for trust is double-protected
Public bug reported:
The function for getting or checking a role for trust (GET/HEAD
/v3/OS-TRUST/trusts/{trust_id}/roles/{role_id}) winds up being protected first
by `get_role_for_trust` and then by `check_role_for_trust`. This is because
get_role_for_trust winds up calling self.check_role_for_trust()[1]. There's
actually no external route for "check_role_for_trust", so this policy target
should be removed.
[1]
http://git.openstack.org/cgit/openstack/keystone/tree/keystone/trust/controllers.py#n272
** Affects: keystone
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1421966
Title:
Getting role for trust is double-protected
Status in OpenStack Identity (Keystone):
New
Bug description:
The function for getting or checking a role for trust (GET/HEAD
/v3/OS-TRUST/trusts/{trust_id}/roles/{role_id}) winds up being protected first
by `get_role_for_trust` and then by `check_role_for_trust`. This is because
get_role_for_trust winds up calling self.check_role_for_trust()[1]. There's
actually no external route for "check_role_for_trust", so this policy target
should be removed.
[1]
http://git.openstack.org/cgit/openstack/keystone/tree/keystone/trust/controllers.py#n272
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1421966/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : yahoo-eng-team@lists.launchpad.net
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
[Yahoo-eng-team] [Bug 1421968] [NEW] List Endpoint Groups Associated with project not routed
Public bug reported:
I was looking through the sample policy.json file and noticed that the
"identity:list_endpoint_groups_for_project" target doesn't have a corresponding
mapping in the routers[1]. Looks like there's supposed to be a router mapping
/v3/OS-EP-FILTER/endpoint_groups/projects/{project_id}[2] to
list_endpoint_groups_for_project. Since there's no mapping for the path, the
keystone server is just going to 404.
[1] This would be in
http://git.openstack.org/cgit/openstack/keystone/tree/keystone/contrib/endpoint_filter/routers.py
[2]
http://specs.openstack.org/openstack/keystone-specs/api/v3/identity-api-v3-os-ep-filter-ext.html#list-endpoint-groups-associated-with-project
** Affects: keystone
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1421968
Title:
List Endpoint Groups Associated with project not routed
Status in OpenStack Identity (Keystone):
New
Bug description:
I was looking through the sample policy.json file and noticed that the
"identity:list_endpoint_groups_for_project" target doesn't have a corresponding
mapping in the routers[1]. Looks like there's supposed to be a router mapping
/v3/OS-EP-FILTER/endpoint_groups/projects/{project_id}[2] to
list_endpoint_groups_for_project. Since there's no mapping for the path, the
keystone server is just going to 404.
[1] This would be in
http://git.openstack.org/cgit/openstack/keystone/tree/keystone/contrib/endpoint_filter/routers.py
[2]
http://specs.openstack.org/openstack/keystone-specs/api/v3/identity-api-v3-os-ep-filter-ext.html#list-endpoint-groups-associated-with-project
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1421968/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : yahoo-eng-team@lists.launchpad.net
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
