Fix bugs with set ldap password.

There is no check that 'name' exists in the keys.

Client update password call expects update_user to return the new user
as do the kvs and sql back ends.

Change-Id: I1b7af9b9225fa06a9404d0a54cd1ef7b6e5cda80

1 files changed, 2 insertions, 1 deletions

diff --git a/keystone/identity/backends/ldap/core.py b/keystone/identity/backends/ldap/core.py
index 130c319e..50a8fd80 100644
--- a/keystone/identity/backends/ldap/core.py
+++ b/keystone/identity/backends/ldap/core.py
@@ -422,7 +422,7 @@ class UserApi(common_ldap.BaseLdap, ApiShimMixin):
             old_obj = self.get(id)
         except exception.NotFound:
             raise exception.UserNotFound(user_id=id)
-        if old_obj.get('name') != values['name']:
+        if 'name' in values and old_obj.get('name') != values['name']:
             raise exception.Conflict('Cannot change user name')
         try:
             new_tenant = values['tenant_id']
@@ -440,6 +440,7 @@ class UserApi(common_ldap.BaseLdap, ApiShimMixin):
             values['enabled_nomask'] = old_obj['enabled_nomask']
             self.mask_enabled_attribute(values)
         super(UserApi, self).update(id, values, old_obj)
+        return self.get(id)
 
     def delete(self, id):
         user = self.get(id)