From 781c65b72b78bd1e2b1d93db029d6b0c6fbc2050 Mon Sep 17 00:00:00 2001
From: Brant Knudson <bknudson@us.ibm.com>
Date: Thu, 8 Aug 2013 18:38:23 -0500
Subject: [PATCH] Fix LDAP Identity get user with user_enabled_mask

Fetching users using the LDAP Identity backend would fail with

 KeyError: 'enabled'

from _ldap_res_to_model when user_enabled_mask is not 0.

Change-Id: I39a9606ba7210f0fea064abd6adad379218b432b
Closes-Bug: #1210175
---
 keystone/identity/backends/ldap.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/keystone/identity/backends/ldap.py b/keystone/identity/backends/ldap.py
index 58b70a5c6a..5898da1f1a 100644
--- a/keystone/identity/backends/ldap.py
+++ b/keystone/identity/backends/ldap.py
@@ -220,8 +220,9 @@ def __init__(self, conf):
     def _ldap_res_to_model(self, res):
         obj = super(UserApi, self)._ldap_res_to_model(res)
         if self.enabled_mask != 0:
-            obj['enabled_nomask'] = obj['enabled']
-            obj['enabled'] = ((obj['enabled'] & self.enabled_mask) !=
+            enabled = int(obj.get('enabled', self.enabled_default))
+            obj['enabled_nomask'] = enabled
+            obj['enabled'] = ((enabled & self.enabled_mask) !=
                               self.enabled_mask)
         return obj