Bug 861943

Summary: keystone user name length
Product: Red Hat OpenStack Reporter: Attila Fazekas <afazekas>
Component: openstack-keystoneAssignee: Adam Young <ayoung>
Status: CLOSED WONTFIX QA Contact: Mike Abrams <mabrams>
Severity: low Docs Contact:
Priority: medium    
Version: 1.0 (Essex)CC: apevec, ayoung, dpal, mabrams, nbarcet, nkinder, nlevinki, yeylon
Target Milestone: ---Keywords: Automation, MoveUpstream, Triaged, ZStream
Target Release: 6.0 (Juno)   
Hardware: Unspecified   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-03-21 04:41:55 EDT Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:

Description Attila Fazekas 2012-10-01 08:22:56 EDT
Description of problem:
 Keystone should not allow creating user with zero length name.
 keystone should not truncate silently the more than 64 bytes names on creation.


Version-Release number of selected component (if applicable):
openstack-keystone-2012.1.2-4.el6.noarch

How reproducible: Always


Steps to Reproduce:
1.
$ keystone  user-create --name ""
+----------+----------------------------------+
| Property |              Value               |
+----------+----------------------------------+
| email    | None                             |
| enabled  | True                             |
| id       | 04af88f1dbe84e4eade92f0bfc73dd87 |
| name     |                                  |
| password | None                             |
| tenantId | None                             |
+----------+----------------------------------+

2.
$ keystone  user-create --name "1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdefMORE"
+----------+----------------------------------------------------------------------+
| Property |                                Value                                 |
+----------+----------------------------------------------------------------------+
| email    | None                                                                 |
| enabled  | True                                                                 |
| id       | c53e5c0d118f417faa6819e7b0eea11a                                     |
| name     | 1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdefMORE |
| password | None                                                                 |
| tenantId | None                                                                 |
+----------+----------------------------------------------------------------------+
$ keystone user-list
+----------------------------------+---------+--------------------+------------------------------------------------------------------+
|                id                | enabled |       email        |                               name                               |
+----------------------------------+---------+--------------------+------------------------------------------------------------------+
| c53e5c0d118f417faa6819e7b0eea11a | True    | None               | 1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef |
+----------------------------------+---------+--------------------+------------------------------------------------------------------+

  
Actual results:
1. User created with "" name.
2. User Name truncated to 64 byte. The keystone user-create command reports back the requested user name, but the user-list contains the truncated name. 

Expected results:
 Rejecting user creation.

Additional info:
 The byte size limited to 64 byte by the DB. 
 Less than 64 UTF-8 character can reach the limit.
Comment 3 Adam Young 2014-01-07 16:44:37 EST
This needs to be enforced on  the server.
Comment 4 Adam Young 2014-11-22 13:23:19 EST
It may not be a complete soltuon, but try configuring the MySQL server with

 STRICT_TRANS_TABLES 
or
 STRICT_ALL_TABLES.

IAW  
http://dev.mysql.com/doc/refman/5.0/en/sql-mode.html#sqlmode_strict_all_tables
To see if it enforces the length constraint.
Comment 5 Ami Jeain 2014-11-24 03:15:42 EST
Mike, can u plz take care of this needinfo?
Comment 6 Mike Abrams 2014-11-25 03:45:58 EST
for osp6 Juno Beta:

* user create does not work (as expected) attempt returns -->
  "Name field is required and cannot be empty (HTTP 400)"
  ...although i am not positive it is because of a sql setting; i found no matching STRICT*TABLES settings in the my.cnf or in the running instance of mysql.

* truncation in the user-list does NOT occur; still shows full 69 character ID.
Comment 12 nlevinki 2016-03-21 04:41:55 EDT
See comment 10.
It is not fixed for this version, the fix is in version 8 .