Public bug reported:

In the credential list API, when the user passes the query parameter as name with an invalid value, it returns the list of all available credentials.

Steps to reproduce:

1. Curl Command

  curl -g -i -X GET http://10.232.48.206/identity/v3/credentials?name=2dba5076c6f14c2ea6bf691e7d0ba71534333333 \
    -H "User-Agent: python-keystoneclient" \
    -H "Accept: application/json" \
    -H "X-Auth-Token: fddae55403c247a1bb1ddc6751424c63"

2. Response

  HTTP/1.1 200 OK
  Date: Thu, 25 May 2017 11:40:57 GMT
  Server: Apache/2.4.18 (Ubuntu)
  Vary: X-Auth-Token
  Content-Type: application/json
  Content-Length: 410
  x-openstack-request-id: req-4cfb95d7-6424-4151-819b-37d195e20b43
  Connection: close

3. Output

  {"credentials": [{"user_id": "8c3b0c35d48142b3a1b5078bb7abd203", "links": {"self": "http://10.232.48.206/identity/v3/credentials/52c7d4b344174e92b83a35e5cf873262"}, "blob": "test_data", "project_id": null, "type": "cert", "id": "52c7d4b344174e92b83a35e5cf873262"}], "links": {"self": "http://10.232.48.206/identity/v3/credentials?name=2dba5076c6f14c2ea6bf691e7d0ba71534333333", "previous": null, "next": null}}

In my opinion, to maintain consistency, the credential list API should return an empty list when an invalid query parameter is passed.

The same issue is present for the policy API also.

master:
commit e171c7905556d372a236b227d4ef599ea3034920
Author: OpenStack Proposal Bot <[email protected]>
Date: Sat May 20 04:36:44 2017 +0000

** Affects: keystone
   Importance: Undecided
   Assignee: Pooja Jadhav (poojajadhav)
   Status: New

** Changed in: keystone
   Assignee: (unassigned) => Pooja Jadhav (poojajadhav)

https://bugs.launchpad.net/bugs/1693498

Title:
  Credential list API returns list of available credentials when user passes invalid name as query parameter

Status in OpenStack Identity (keystone):
  New
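The behaviour reported above, modelled as an added example that is not part of the original report and is not keystone's code. The function names, the sample records and the set of filterable attributes are assumptions made for illustration; only the record fields are taken from the output in the report.

```python
# Constructed sample records; field names follow the "Output" in the report.
CREDENTIALS = [
    {"id": "cred-1", "user_id": "user-a", "project_id": None,
     "type": "cert", "blob": "test_data"},
    {"id": "cred-2", "user_id": "user-b", "project_id": "proj-1",
     "type": "ec2", "blob": "other"},
]

# Assumption: the attributes a credential listing accepts as filters.
FILTERABLE = {"user_id", "type"}


def list_lenient(refs, query):
    """Reported behaviour: a filter on an unknown attribute is dropped,
    so ?name=<anything> degrades to an unfiltered listing."""
    known = {k: v for k, v in query.items() if k in FILTERABLE}
    return [r for r in refs if all(r.get(k) == v for k, v in known.items())]


def list_strict(refs, query):
    """Behaviour the reporter asks for: a filter that cannot match
    yields an empty list instead of every record."""
    if any(k not in FILTERABLE for k in query):
        return []
    return [r for r in refs if all(r.get(k) == v for k, v in query.items())]


def ignores_unknown_filter(lister, refs, bogus=("name", "no-such-value")):
    """Regression check: True when a bogus filter returns the same
    non-empty result as sending no filter at all."""
    unfiltered = lister(refs, {})
    return bool(unfiltered) and lister(refs, {bogus[0]: bogus[1]}) == unfiltered


if __name__ == "__main__":
    for lister in (list_lenient, list_strict):
        print(lister.__name__,
              "ignores unknown filter:",
              ignores_unknown_filter(lister, CREDENTIALS))
```

The same check applies to any list endpoint, including the policy API named in the report: compare the result of a request carrying an unsupported filter with the result of an unfiltered request.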

