Improving error message when deleting keystone users

This commit adds patch to keystone module where we enhance the error message when deleting system-critical keystone user using CLI or RESTAPI. Test Plan: PASS: build-pkgs -c keystone PASS: build-image PASS: bootstrap PASS: CLI- openstack user delete <keystone user> PASS: RESTAPI- curl command to delete <keystone user> Story: 2011239 Task: 51168 Change-Id: I667717fee6066d0b9896e29616a32e5ae5a32dba Signed-off-by: Rahul Roshan Kachchap <rahulroshan.kachchap@windriver.com>
2024-10-09 01:16:15 -04:00 · 2024-10-09 01:16:15 -04:00 · fda3811b57
commit fda3811b57
parent 42bda07829
2 changed files with 40 additions and 0 deletions
--- a/openstack/keystone/debian/patches/0003-Improving-delete-error-message-for-keystone-user-acc.patch
+++ b/openstack/keystone/debian/patches/0003-Improving-delete-error-message-for-keystone-user-acc.patch
@ -0,0 +1,39 @@
+From 1b735107e80cde5b2b22ce1fedb2e329961c6459 Mon Sep 17 00:00:00 2001
+From: Rahul Roshan Kachchap <rahulroshan.kachchap@windriver.com>
+Date: Fri, 4 Oct 2024 04:00:07 -0400
+Subject: [PATCH] Improving delete error message for keystone user accounts
+
+Signed-off-by: Rahul Roshan Kachchap <rahulroshan.kachchap@windriver.com>
+---
+ keystone/exception.py | 10 ++++++----
+ 1 file changed, 6 insertions(+), 4 deletions(-)
+
+diff --git a/keystone/exception.py b/keystone/exception.py
+index c62338b89..cacf1586b 100644
+--- a/keystone/exception.py
+++ b/keystone/exception.py
+@@ -350,15 +350,17 @@ class AdditionalAuthRequired(AuthPluginException):
+ 
+ 
+ class Forbidden(SecurityError):
+-    message_format = _("You are not authorized to perform the"
+-                       " requested action.")
+    message_format = _("You are forbidden to perform the requested action. "
+                       "This action is system-critical and cannot be executed- %(action)s. "
+                       "Please contact your administrator for further assistance.")
+     code = int(http.client.FORBIDDEN)
+     title = http.client.responses[http.client.FORBIDDEN]
+ 
+ 
+ class ForbiddenAction(Forbidden):
+-    message_format = _("You are not authorized to perform the"
+-                       " requested action: %(action)s.")
+    message_format = _("You are forbidden to perform the requested action. "
+                       "This action is system-critical and cannot be executed- %(action)s. "
+                       "Please contact your administrator for further assistance.")
+ 
+ 
+ class CrossBackendNotAllowed(Forbidden):
+-- 
+2.25.1
+
--- a/openstack/keystone/debian/patches/series
+++ b/openstack/keystone/debian/patches/series
@ -1,2 +1,3 @@
 0001-Support-storing-users-in-keyring.patch
 0002-change-group-perm-to-keyring-dir.patch
+0003-Improving-delete-error-message-for-keystone-user-acc.patch