Public bug reported: If a role is provided by ID, keystone validates it in the app cred manager and a NotFound is properly masked as a validation error by the controller. If a role is provided by name, keystone searches for it in _normalize_role_list in the controller and will raise a NotFound there, which is returned directly to the user. The problem is demonstrated by this test:
https://review.openstack.org/640035 Not sure if we can actually do anything about this without technically breaking the v3 API. ** Affects: keystone Importance: Undecided Status: New -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Identity (keystone). https://bugs.launchpad.net/bugs/1818085 Title: Application credential role validation has inconsistent error handling Status in OpenStack Identity (keystone): New Bug description: If a role is provided by ID, keystone validates it in the app cred manager and a NotFound is properly masked as a validation error by the controller. If a role is provided by name, keystone searches for it in _normalize_role_list in the controller and will raise a NotFound there, which is returned directly to the user. The problem is demonstrated by this test: https://review.openstack.org/640035 Not sure if we can actually do anything about this without technically breaking the v3 API. To manage notifications about this bug go to: https://bugs.launchpad.net/keystone/+bug/1818085/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : [email protected] Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
