Updated Fix for duplicated entries on LDAP backend for get_tenant_users

Fixes bug 1050406

Change-Id: I74735c6c6094d3e57adea26e5035d19c318f73b3

2 files changed, 6 insertions, 4 deletions

diff --git a/keystone/common/models.py b/keystone/common/models.py
index 2710c12e..8b9f4cd5 100644
--- a/keystone/common/models.py
+++ b/keystone/common/models.py
@@ -23,6 +23,8 @@ Unless marked otherwise, all fields are strings.
 
 class Model(dict):
     """Base model class."""
+    def __hash__(self):
+        return self['id'].__hash__()
 
     @property
     def known_keys(cls):
diff --git a/keystone/identity/backends/ldap/core.py b/keystone/identity/backends/ldap/core.py
index 03d3ab61..07ff506e 100644
--- a/keystone/identity/backends/ldap/core.py
+++ b/keystone/identity/backends/ldap/core.py
@@ -556,20 +556,20 @@ class TenantApi(common_ldap.BaseLdap, ApiShimMixin):
 
     def get_users(self, tenant_id, role_id=None):
         tenant = self._ldap_get(tenant_id)
-        res = []
+        res = set()
         if not role_id:
             # Get users who have default tenant mapping
             for user_dn in tenant[1].get(self.member_attribute, []):
                 if self.use_dumb_member and user_dn == self.DUMB_MEMBER_DN:
                     continue
-                res.append(self.user_api.get(self.user_api._dn_to_id(user_dn)))
+                res.add(self.user_api.get(self.user_api._dn_to_id(user_dn)))
 
         # Get users who are explicitly mapped via a tenant
         rolegrants = self.role_api.get_role_assignments(tenant_id)
         for rolegrant in rolegrants:
             if role_id is None or rolegrant.role_id == role_id:
-                res.append(self.user_api.get(rolegrant.user_id))
-        return res
+                res.add(self.user_api.get(rolegrant.user_id))
+        return list(res)
 
     def delete(self, id):
         super(TenantApi, self).delete(id)