From 2eea4553e23ff3c0d4d367316ea634253e11c10a Mon Sep 17 00:00:00 2001
From: Dolph Mathews <dolph.mathews@gmail.com>
Date: Wed, 7 Nov 2012 15:17:52 -0600
Subject: Include 'extra' attributes twice (bug 1076120)

In order to maintain backwards-compatibility with the output of the
previously-broken SQL driver, non-indexed attributes are included in the
update user/tenant response in both the correct and expected locations.

Change-Id: I54f69c0c4cb3ade349190bc0c61539dcc1846267
---
 keystone/common/sql/core.py       | 13 ++++++++++++-
 keystone/identity/backends/sql.py |  4 ++--
 keystone/identity/core.py         |  5 +++++
 3 files changed, 19 insertions(+), 3 deletions(-)

(limited to 'keystone')

diff --git a/keystone/common/sql/core.py b/keystone/common/sql/core.py
index 1a9d595f..d8e11c3a 100644
--- a/keystone/common/sql/core.py
+++ b/keystone/common/sql/core.py
@@ -68,10 +68,21 @@ class DictBase(object):
 
         return cls(**new_d)
 
-    def to_dict(self):
+    def to_dict(self, include_extra_dict=False):
+        """Returns the model's attributes as a dictionary.
+
+        If include_extra_dict is True, 'extra' attributes are literally
+        included in the resulting dictionary twice, for backwards-compatibility
+        with a broken implementation.
+
+        """
         d = self.extra.copy()
         for attr in self.__class__.attributes:
             d[attr] = getattr(self, attr)
+
+        if include_extra_dict:
+            d['extra'] = self.extra.copy()
+
         return d
 
     def __setitem__(self, key, value):
diff --git a/keystone/identity/backends/sql.py b/keystone/identity/backends/sql.py
index 7c3eb975..753a30e2 100644
--- a/keystone/identity/backends/sql.py
+++ b/keystone/identity/backends/sql.py
@@ -337,7 +337,7 @@ class Identity(sql.Base, identity.Driver):
             user_ref.name = new_user.name
             user_ref.extra = new_user.extra
             session.flush()
-        return identity.filter_user(user_ref.to_dict())
+        return identity.filter_user(user_ref.to_dict(include_extra_dict=True))
 
     def delete_user(self, user_id):
         session = self.get_session()
@@ -378,7 +378,7 @@ class Identity(sql.Base, identity.Driver):
             tenant_ref.name = new_tenant.name
             tenant_ref.extra = new_tenant.extra
             session.flush()
-        return tenant_ref.to_dict()
+        return tenant_ref.to_dict(include_extra_dict=True)
 
     def delete_tenant(self, tenant_id):
         session = self.get_session()
diff --git a/keystone/identity/core.py b/keystone/identity/core.py
index 89663047..5bd2f446 100644
--- a/keystone/identity/core.py
+++ b/keystone/identity/core.py
@@ -45,6 +45,11 @@ def filter_user(user_ref):
         user_ref = user_ref.copy()
         user_ref.pop('password', None)
         user_ref.pop('tenants', None)
+        try:
+            user_ref['extra'].pop('password', None)
+            user_ref['extra'].pop('tenants', None)
+        except KeyError:
+            pass
     return user_ref
 
 
-- 
cgit