diff options
author | Ruan HE <ruan.he@orange.com> | 2015-10-14 20:08:24 +0000 |
---|---|---|
committer | Gerrit Code Review <gerrit@172.30.200.206> | 2015-10-14 20:08:24 +0000 |
commit | f514f6dc77e118854116be7bb21ef490db9c1087 (patch) | |
tree | 17b81b16ab4ef66515f494694fb523540dad4784 /keystone-moon/keystone | |
parent | 6d5c2202c0bc0c4d2e1ab7d5d4bd7bdd631bd465 (diff) | |
parent | bc8c519eb4b7b15560bfeb2d7f8487742f83899f (diff) |
Merge "When a tenant is not managed by Moon, the result of the authz function is always True."
Diffstat (limited to 'keystone-moon/keystone')
-rw-r--r-- | keystone-moon/keystone/contrib/moon/core.py | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/keystone-moon/keystone/contrib/moon/core.py b/keystone-moon/keystone/contrib/moon/core.py index bca90adb..4cb178ed 100644 --- a/keystone-moon/keystone/contrib/moon/core.py +++ b/keystone-moon/keystone/contrib/moon/core.py @@ -1823,7 +1823,9 @@ class IntraExtensionAuthzManager(IntraExtensionManager): tenants_dict = self.tenant_api.get_tenants_dict(self.root_api.get_root_admin_id()) if tenant_id not in tenants_dict: - raise TenantUnknown() + # raise TenantUnknown("Cannot authz because Tenant is unknown {}".format(tenant_id)) + LOG.warning("Cannot authz because Tenant is not managed by Moon {}".format(tenant_id)) + return {'authz': True, 'comment': "Cannot authz because Tenant is not managed by Moon {}".format(tenant_id)} intra_extension_id = tenants_dict[tenant_id][genre] if not intra_extension_id: raise TenantNoIntraExtension() |