summaryrefslogtreecommitdiffstats
path: root/keystone-moon/keystone
diff options
context:
space:
mode:
authorRuan HE <ruan.he@orange.com>2015-10-14 20:08:24 +0000
committerGerrit Code Review <gerrit@172.30.200.206>2015-10-14 20:08:24 +0000
commitf514f6dc77e118854116be7bb21ef490db9c1087 (patch)
tree17b81b16ab4ef66515f494694fb523540dad4784 /keystone-moon/keystone
parent6d5c2202c0bc0c4d2e1ab7d5d4bd7bdd631bd465 (diff)
parentbc8c519eb4b7b15560bfeb2d7f8487742f83899f (diff)
Merge "When a tenant is not managed by Moon, the result of the authz function is always True."
Diffstat (limited to 'keystone-moon/keystone')
-rw-r--r--keystone-moon/keystone/contrib/moon/core.py4
1 files changed, 3 insertions, 1 deletions
diff --git a/keystone-moon/keystone/contrib/moon/core.py b/keystone-moon/keystone/contrib/moon/core.py
index bca90adb..4cb178ed 100644
--- a/keystone-moon/keystone/contrib/moon/core.py
+++ b/keystone-moon/keystone/contrib/moon/core.py
@@ -1823,7 +1823,9 @@ class IntraExtensionAuthzManager(IntraExtensionManager):
tenants_dict = self.tenant_api.get_tenants_dict(self.root_api.get_root_admin_id())
if tenant_id not in tenants_dict:
- raise TenantUnknown()
+ # raise TenantUnknown("Cannot authz because Tenant is unknown {}".format(tenant_id))
+ LOG.warning("Cannot authz because Tenant is not managed by Moon {}".format(tenant_id))
+ return {'authz': True, 'comment': "Cannot authz because Tenant is not managed by Moon {}".format(tenant_id)}
intra_extension_id = tenants_dict[tenant_id][genre]
if not intra_extension_id:
raise TenantNoIntraExtension()