Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Properly list tokens with a null tenant

We store the tenant as a null value in json, so checking to see
if it exists is not sufficient. This makes the check safer, checking
for existance and not null before continuing.

Fixes bug 1078497

Change-Id: Ida1b958e5df6f93a30efae0d3f71df668751ff81
  • Loading branch information...
commit 80d63c882c7b847a8b73cf1e2b0f587a25be4d5f 1 parent 47e4dc8
@vishvananda vishvananda authored dolph committed
View
10 keystone/token/backends/kvs.py
@@ -56,16 +56,18 @@ def list_tokens(self, user_id, tenant_id=None):
for token, ref in self.db.items():
if not token.startswith('token-'):
continue
- if 'user' not in ref:
+ user = ref.get('user')
+ if not user:
continue
- if ref['user'].get('id') != user_id:
+ if user.get('id') != user_id:
continue
if ref.get('expires') and ref.get('expires') < now:
continue
if tenant_id is not None:
- if 'tenant' not in ref:
+ tenant = ref.get('tenant')
+ if not tenant:
continue
- if ref['tenant'].get('id') != tenant_id:
+ if tenant.get('id') != tenant_id:
continue
tokens.append(token.split('-', 1)[1])
return tokens
View
5 keystone/token/backends/memcache.py
@@ -107,9 +107,10 @@ def list_tokens(self, user_id, tenant_id=None):
token_ref = self.client.get(ptk)
if token_ref:
if tenant_id is not None:
- if 'tenant' not in token_ref:
+ tenant = token_ref.get('tenant')
+ if not tenant:
continue
- if token_ref['tenant'].get('id') != tenant_id:
+ if tenant.get('id') != tenant_id:
continue
tokens.append(token_id)
return tokens
View
10 keystone/token/backends/sql.py
@@ -103,14 +103,16 @@ def list_tokens(self, user_id, tenant_id=None):
.filter(TokenModel.expires > now)\
.filter_by(valid=True):
token_ref_dict = token_ref.to_dict()
- if 'user' not in token_ref_dict:
+ user = token_ref_dict.get('user')
+ if not user:
continue
- if token_ref_dict['user'].get('id') != user_id:
+ if user.get('id') != user_id:
continue
if tenant_id is not None:
- if 'tenant' not in token_ref_dict:
+ tenant = token_ref_dict.get('tenant')
+ if not tenant:
continue
- if token_ref_dict['tenant'].get('id') != tenant_id:
+ if tenant.get('id') != tenant_id:
continue
tokens.append(token_ref['id'])
return tokens
Please sign in to comment.
Something went wrong with that request. Please try again.