From eee307a8967d5bef6c45b3e4b0ba4a9d8e855158 Mon Sep 17 00:00:00 2001 From: Dan Prince Date: Tue, 20 Sep 2011 08:47:57 -0400 Subject: Update validate_service_or_keystone_admin_token so that it doesn't cause exceptions if the admin or service admin haven't been configured. Change-Id: I86e3d6ce439740832aee0351d431e64e17c7a1b2 Add logging. Change-Id: I06b4ce501bc8c1d9fb2533c4ee793ee179503060 --- keystone/logic/service.py | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/keystone/logic/service.py b/keystone/logic/service.py index 8c29d014..a8c88f13 100755 --- a/keystone/logic/service.py +++ b/keystone/logic/service.py @@ -15,6 +15,7 @@ from datetime import datetime, timedelta import uuid +import logging from keystone.logic.types import auth, atom from keystone.logic.signer import Signer @@ -30,6 +31,9 @@ from keystone.logic.types.endpoint import Endpoint, Endpoints, \ EndpointTemplate, EndpointTemplates +LOG = logging.getLogger('keystone.logic.service') + + class IdentityService(object): """Implements Identity service""" @@ -513,11 +517,17 @@ class IdentityService(object): if backends.ADMIN_ROLE_ID is None: role = api.ROLE.get_by_name(backends.ADMIN_ROLE_NAME) - backends.ADMIN_ROLE_ID = role.id + if role: + backends.ADMIN_ROLE_ID = role.id + else: + LOG.error('Admin role is missing.') if backends.SERVICE_ADMIN_ROLE_ID is None: role = api.ROLE.get_by_name(backends.SERVICE_ADMIN_ROLE_NAME) - backends.SERVICE_ADMIN_ROLE_ID = role.id + if role: + backends.SERVICE_ADMIN_ROLE_ID = role.id + else: + LOG.warn('No service admin role is defined.') for role_ref in api.ROLE.ref_get_all_global_roles(user.id): if (role_ref.role_id == backends.ADMIN_ROLE_ID or \ -- cgit