From 7723825c2c9eb71f4d9f10c79c37d8633bfc8109 Mon Sep 17 00:00:00 2001 From: jodewey Date: Mon, 5 Jan 2015 10:57:08 -0800 Subject: [PATCH 1/2] Compare against a list not a string The `CONF.ldap.builtin_users` is configured as a comma delimited string, and needs to be converted to a list before comparison. Closes-rally-bug: DE778 Not-in-upstream: true --- keystone/identity/backends/hybrid-idm.py | 2 +- keystone/identity/backends/hybrid.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/keystone/identity/backends/hybrid-idm.py b/keystone/identity/backends/hybrid-idm.py index 7506395bb..109831d31 100644 --- a/keystone/identity/backends/hybrid-idm.py +++ b/keystone/identity/backends/hybrid-idm.py @@ -19,7 +19,7 @@ LDAP_USER_ID_ATTRIBUTE = CONF.ldap.user_id_attribute LDAP_USER_TREE_DN = CONF.ldap.user_tree_dn LDAP_GENERIC_TREE_DN = CONF.ldap.generic_tree_dn -LDAP_BUILTIN_USERS = CONF.ldap.builtin_users +LDAP_BUILTIN_USERS = CONF.ldap.builtin_users.split(',') LOG = logging.getLogger(__name__) diff --git a/keystone/identity/backends/hybrid.py b/keystone/identity/backends/hybrid.py index cf58e8599..6d0e328fe 100644 --- a/keystone/identity/backends/hybrid.py +++ b/keystone/identity/backends/hybrid.py @@ -19,7 +19,7 @@ LDAP_USER_ID_ATTRIBUTE = CONF.ldap.user_id_attribute LDAP_USER_TREE_DN = CONF.ldap.user_tree_dn LDAP_GENERIC_TREE_DN = CONF.ldap.generic_tree_dn -LDAP_BUILTIN_USERS = CONF.ldap.builtin_users +LDAP_BUILTIN_USERS = CONF.ldap.builtin_users.split(',') LOG = logging.getLogger(__name__) From 2d85f50b5667bf2857b2e0e68902fdc48be6ae2b Mon Sep 17 00:00:00 2001 From: jodewey Date: Mon, 5 Jan 2015 12:07:28 -0800 Subject: [PATCH 2/2] Switched to `ListOpt` --- keystone/identity/backends/hybrid-idm.py | 9 ++++++--- keystone/identity/backends/hybrid.py | 9 ++++++--- 2 files changed, 12 insertions(+), 6 deletions(-) diff --git a/keystone/identity/backends/hybrid-idm.py b/keystone/identity/backends/hybrid-idm.py index 109831d31..1e578943e 100644 --- a/keystone/identity/backends/hybrid-idm.py +++ b/keystone/identity/backends/hybrid-idm.py @@ -5,12 +5,15 @@ from keystone.identity.backends import sql from keystone.identity.backends import ldap from keystone.openstack.common import log as logging -from keystone import config +from oslo.config import cfg +from keystone import config as ks_cfg from keystone.common.ldap import core import uuid import re -CONF = config.CONF +CONF = ks_cfg.CONF +ks_cfg.CONF.register_opt(cfg.ListOpt('builtin_users'), group='ldap') + DEFAULT_DOMAIN_ID = CONF.identity.default_domain_id LDAP_BIND_USER = CONF.ldap.user LDAP_BIND_PASSWORD = CONF.ldap.password @@ -19,7 +22,7 @@ LDAP_USER_ID_ATTRIBUTE = CONF.ldap.user_id_attribute LDAP_USER_TREE_DN = CONF.ldap.user_tree_dn LDAP_GENERIC_TREE_DN = CONF.ldap.generic_tree_dn -LDAP_BUILTIN_USERS = CONF.ldap.builtin_users.split(',') +LDAP_BUILTIN_USERS = CONF.ldap.builtin_users LOG = logging.getLogger(__name__) diff --git a/keystone/identity/backends/hybrid.py b/keystone/identity/backends/hybrid.py index 6d0e328fe..cc62769d1 100644 --- a/keystone/identity/backends/hybrid.py +++ b/keystone/identity/backends/hybrid.py @@ -5,12 +5,15 @@ from keystone.identity.backends import sql from keystone.identity.backends import ldap from keystone.openstack.common import log as logging -from keystone import config +from oslo.config import cfg +from keystone import config as ks_cfg from keystone.common.ldap import core import uuid import re -CONF = config.CONF +CONF = ks_cfg.CONF +ks_cfg.CONF.register_opt(cfg.ListOpt('builtin_users'), group='ldap') + DEFAULT_DOMAIN_ID = CONF.identity.default_domain_id LDAP_BIND_USER = CONF.ldap.user LDAP_BIND_PASSWORD = CONF.ldap.password @@ -19,7 +22,7 @@ LDAP_USER_ID_ATTRIBUTE = CONF.ldap.user_id_attribute LDAP_USER_TREE_DN = CONF.ldap.user_tree_dn LDAP_GENERIC_TREE_DN = CONF.ldap.generic_tree_dn -LDAP_BUILTIN_USERS = CONF.ldap.builtin_users.split(',') +LDAP_BUILTIN_USERS = CONF.ldap.builtin_users LOG = logging.getLogger(__name__)