handle missing access_rules

we delete the "access_rules" field from the form if keystone API
version is less than 3.13, but we don't consider the case in
clean() method. We are in Wallaby development cycle and we support
N-4 release for upgrade [1]. This means horizon can run with Stein
keystone. Pre-3.13 keystone API (i.e., 3.12) is part of Stein
release [2], so it makes sense to consider this condition.

[1] https://docs.openstack.org/horizon/latest/contributor/policies/supported-software.html
[2] https://docs.openstack.org/api-ref/identity/

Co-Authored-By: Akihiro Motoki <amotoki@gmail.com>
Change-Id: I02e124d90f99d400d8c59bff2c563fdc85e624d4

openstack_dashboard/dashboards/identity/application_credentials/forms.py

@@ -132,12 +132,15 @@ class CreateApplicationCredentialForm(forms.SelfHandlingForm):
 
     def clean(self):
         cleaned_data = super().clean()
-        try:
+        # access_rules field exists only when keystone API >= 3.13 and
-            cleaned_data['access_rules'] = yaml.safe_load(
+        # the field is deleted above when a lower version of API is used.
-                cleaned_data['access_rules'])
+        if 'access_rules' in cleaned_data:
-        except yaml.YAMLError:
+            try:
-            msg = (_('Access rules must be a valid JSON or YAML list.'))
+                cleaned_data['access_rules'] = yaml.safe_load(
-            raise forms.ValidationError(msg)
+                    cleaned_data['access_rules'])
+            except yaml.YAMLError:
+                msg = (_('Access rules must be a valid JSON or YAML list.'))
+                raise forms.ValidationError(msg)
         return cleaned_data