user-role-crud 404 (bug 963056)

user-role-add user-role-remove Change-Id: I1b3cd019d0d110b01ed175822cdd6c9ddb486412
author: Dolph Mathews <dolph.mathews@gmail.com> 2012-03-25 12:03:26 -0500
committer: Dolph Mathews <dolph.mathews@gmail.com> 2012-03-27 18:55:42 -0700
commit: 9e4fe654ed3f2fa4040ccbcd0ccc003f56f9bce2 (patch)
tree: c0b3b59eefc195a3c62101bbc537ec8b0a3155d6 /keystone/identity/core.py
parent: a9c6fb1d39f84f79f97333f59ef757cfd9dc8fd2 (diff)
download: keystone-9e4fe654ed3f2fa4040ccbcd0ccc003f56f9bce2.tar.gz
keystone-9e4fe654ed3f2fa4040ccbcd0ccc003f56f9bce2.tar.xz
keystone-9e4fe654ed3f2fa4040ccbcd0ccc003f56f9bce2.zip
1 files changed, 13 insertions, 1 deletions
diff --git a/keystone/identity/core.py b/keystone/identity/core.py
index c2a1041d..ee225264 100644
--- a/keystone/identity/core.py
+++ b/keystone/identity/core.py
@@ -497,6 +497,12 @@ class RoleController(wsgi.Application):
         if tenant_id is None:
             raise exception.NotImplemented(message='User roles not supported: '
                                                    'tenant_id required')
+        if self.identity_api.get_user(context, user_id) is None:
+            raise exception.UserNotFound(user_id=user_id)
+        if self.identity_api.get_tenant(context, tenant_id) is None:
+            raise exception.TenantNotFound(tenant_id=tenant_id)
+        if self.identity_api.get_role(context, role_id) is None:
+            raise exception.RoleNotFound(role_id=role_id)
 
         # This still has the weird legacy semantics that adding a role to
         # a user also adds them to a tenant
@@ -517,9 +523,15 @@ class RoleController(wsgi.Application):
         if tenant_id is None:
             raise exception.NotImplemented(message='User roles not supported: '
                                                    'tenant_id required')
+        if self.identity_api.get_user(context, user_id) is None:
+            raise exception.UserNotFound(user_id=user_id)
+        if self.identity_api.get_tenant(context, tenant_id) is None:
+            raise exception.TenantNotFound(tenant_id=tenant_id)
+        if self.identity_api.get_role(context, role_id) is None:
+            raise exception.RoleNotFound(role_id=role_id)
 
         # This still has the weird legacy semantics that adding a role to
-        # a user also adds them to a tenant
+        # a user also adds them to a tenant, so we must follow up on that
         self.identity_api.remove_role_from_user_and_tenant(
                 context, user_id, tenant_id, role_id)
         roles = self.identity_api.get_roles_for_user_and_tenant(
author	Dolph Mathews <dolph.mathews@gmail.com>	2012-03-25 12:03:26 -0500
committer	Dolph Mathews <dolph.mathews@gmail.com>	2012-03-27 18:55:42 -0700
commit	9e4fe654ed3f2fa4040ccbcd0ccc003f56f9bce2 (patch)
tree	c0b3b59eefc195a3c62101bbc537ec8b0a3155d6 /keystone/identity/core.py
parent	a9c6fb1d39f84f79f97333f59ef757cfd9dc8fd2 (diff)
download	keystone-9e4fe654ed3f2fa4040ccbcd0ccc003f56f9bce2.tar.gz keystone-9e4fe654ed3f2fa4040ccbcd0ccc003f56f9bce2.tar.xz keystone-9e4fe654ed3f2fa4040ccbcd0ccc003f56f9bce2.zip