keystone/bug-1858012-584267ada7e33f2c.yaml at 13410383cf55699f756c6ce01301d7e67c65b575 - keystone - OpenDev: Free Software Needs Free Tools

openstack/keystone

Colleen Murphy c2d8830662 Fix role_assignments role.id filter

Without this patch, if there are multiple role assignments on the system
and they are not all the same role, querying for role assignments with
/v3/role_assignments?role.id={role_id} may leak some role assignments
that don't match the role_id, making the returned results incorrect.
This patch fixes the issue by using a list comprehension instead of a
for loop over a list that was being modified within the loop.

Change-Id: Icfce3b14abb55c6fef3de1b314cee22fc8b1d08c
Closes-bug: #1858012

2020-01-02 09:24:54 -08:00

8 lines

295 B

YAML

Raw Blame History

 ---
 fixes:
   - |
     [`bug 1858012 <https://bugs.launchpad.net/keystone/+bug/1858012>`_]
     Fixes a bug in the /v3/role_assignments filtering where the `role.id` query
     parameter didn't properly filter role assignments by role in cases where
     there were multiple system role assignments.