When a tenant is not managed by Moon, the result of the authz function is always...

author asteroide <thomas.duval@orange.com>

Wed, 14 Oct 2015 20:00:28 +0000 (22:00 +0200)

committer asteroide <thomas.duval@orange.com>

Wed, 14 Oct 2015 20:00:28 +0000 (22:00 +0200)
author asteroide <thomas.duval@orange.com>
Wed, 14 Oct 2015 20:00:28 +0000 (22:00 +0200)
committer asteroide <thomas.duval@orange.com>
Wed, 14 Oct 2015 20:00:28 +0000 (22:00 +0200)
diff --git a/keystone-moon/keystone/contrib/moon/core.py b/keystone-moon/keystone/contrib/moon/core.py

index f1bba65..e509664 100644 (file)
--- a/keystone-moon/keystone/contrib/moon/core.py
+++ b/keystone-moon/keystone/contrib/moon/core.py
@@ -1821,7 +1821,9 @@ class IntraExtensionAuthzManager(IntraExtensionManager):
          tenants_dict = self.tenant_api.get_tenants_dict(self.root_api.get_root_admin_id())
  
          if tenant_id not in tenants_dict:
-            raise TenantUnknown()
+            # raise TenantUnknown("Cannot authz because Tenant is unknown {}".format(tenant_id))
+            LOG.warning("Cannot authz because Tenant is not managed by Moon {}".format(tenant_id))
+            return {'authz': True, 'comment': "Cannot authz because Tenant is not managed by Moon {}".format(tenant_id)}
          intra_extension_id = tenants_dict[tenant_id][genre]
          if not intra_extension_id:
              raise TenantNoIntraExtension()
author	asteroide <thomas.duval@orange.com>
	Wed, 14 Oct 2015 20:00:28 +0000 (22:00 +0200)
committer	asteroide <thomas.duval@orange.com>
	Wed, 14 Oct 2015 20:00:28 +0000 (22:00 +0200)