Redundant events on group grant revocation

Revoke a project scoped token You see 3 entries in revocation_event table 1) (id, user_id, project_id, role_id, issued_before) 2) (id, user_id,, issued_before) 3) (id, user_id,, issued_before) 2 & 3 are redundant. Definitely 3) is redundant as it is same as 2) Both 2 & 3 are the result of handling notification fired by _emit_invalidate_token_persistence. Change-Id: I7199bcb9f9425004985e9db0833ce1f8a0ff5ac6 Closes-Bug: 1430951
2015-04-07 20:25:03 +03:00 · 2015-04-07 20:25:03 +03:00 · 888488cc2e
parent 1d4a6db158
commit 888488cc2e
1 changed files with 0 additions and 2 deletions
--- a/keystone/assignment/core.py
+++ b/keystone/assignment/core.py
@ -445,8 +445,6 @@ class Manager(manager.Manager):
                # for invalidating tokens below, so extract them here.
                for user in self.identity_api.list_users_in_group(group_id):
                    if user['id'] != user_id:
-                        self._emit_invalidate_user_token_persistence(
-                            user['id'])
                        self.revoke_api.revoke_by_grant(
                            user_id=user['id'], role_id=role_id,
                            domain_id=domain_id, project_id=project_id)