diff options
author | Vishvananda Ishaya <vishvananda@gmail.com> | 2012-11-13 15:34:00 -0800 |
---|---|---|
committer | Vishvananda Ishaya <vishvananda@gmail.com> | 2012-11-13 15:38:16 -0800 |
commit | ac2d5b85b16da31ebf4833b6264961c567125249 (patch) | |
tree | 1c576fcdd535db88254d48bac38d5efa943800c2 /keystone/token/backends | |
parent | 001f708e7d9ffc69c80f823e7ab5f79325cc8a40 (diff) | |
download | keystone-ac2d5b85b16da31ebf4833b6264961c567125249.tar.gz keystone-ac2d5b85b16da31ebf4833b6264961c567125249.tar.xz keystone-ac2d5b85b16da31ebf4833b6264961c567125249.zip |
Properly list tokens with a null tenant
We store the tenant as a null value in json, so checking to see
if it exists is not sufficient. This makes the check safer, checking
for existance and not null before continuing.
Fixes bug 1078497
Change-Id: Ida1b958e5df6f93a30efae0d3f71df668751ff81
Diffstat (limited to 'keystone/token/backends')
-rw-r--r-- | keystone/token/backends/kvs.py | 10 | ||||
-rw-r--r-- | keystone/token/backends/memcache.py | 5 | ||||
-rw-r--r-- | keystone/token/backends/sql.py | 10 |
3 files changed, 15 insertions, 10 deletions
diff --git a/keystone/token/backends/kvs.py b/keystone/token/backends/kvs.py index d723e505..123e12f9 100644 --- a/keystone/token/backends/kvs.py +++ b/keystone/token/backends/kvs.py @@ -59,16 +59,18 @@ class Token(kvs.Base, token.Driver): for token, ref in self.db.items(): if not token.startswith('token-'): continue - if 'user' not in ref: + user = ref.get('user') + if not user: continue - if ref['user'].get('id') != user_id: + if user.get('id') != user_id: continue if ref.get('expires') and ref.get('expires') < now: continue if tenant_id is not None: - if 'tenant' not in ref: + tenant = ref.get('tenant') + if not tenant: continue - if ref['tenant'].get('id') != tenant_id: + if tenant.get('id') != tenant_id: continue tokens.append(token.split('-', 1)[1]) return tokens diff --git a/keystone/token/backends/memcache.py b/keystone/token/backends/memcache.py index 41a4e290..e4fa69ad 100644 --- a/keystone/token/backends/memcache.py +++ b/keystone/token/backends/memcache.py @@ -109,9 +109,10 @@ class Token(token.Driver): token_ref = self.client.get(ptk) if token_ref: if tenant_id is not None: - if 'tenant' not in token_ref: + tenant = token_ref.get('tenant') + if not tenant: continue - if token_ref['tenant'].get('id') != tenant_id: + if tenant.get('id') != tenant_id: continue tokens.append(token_id) return tokens diff --git a/keystone/token/backends/sql.py b/keystone/token/backends/sql.py index 45919c01..6e40e91b 100644 --- a/keystone/token/backends/sql.py +++ b/keystone/token/backends/sql.py @@ -82,14 +82,16 @@ class Token(sql.Base, token.Driver): token_references = query.filter_by(valid=True) for token_ref in token_references: token_ref_dict = token_ref.to_dict() - if 'user' not in token_ref_dict: + user = token_ref_dict.get('user') + if not user: continue - if token_ref_dict['user'].get('id') != user_id: + if user.get('id') != user_id: continue if tenant_id is not None: - if 'tenant' not in token_ref_dict: + tenant = token_ref_dict.get('tenant') + if not tenant: continue - if token_ref_dict['tenant'].get('id') != tenant_id: + if tenant.get('id') != tenant_id: continue tokens.append(token_ref['id']) return tokens |