OpenStack Identity (keystone)

  1. Bug #968696
  2. Comment #115

Comment 115 for bug 968696

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix merged to keystone (master)

Reviewed: https://review.openstack.org/605871
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=2c8f81af62cd03601fca259647991d5dd7f8d560
Submitter: Zuul
Branch: master

commit 2c8f81af62cd03601fca259647991d5dd7f8d560
Author: Lance Bragstad <email address hidden>
Date: Thu Sep 27 21:51:12 2018 +0000

    Allow project users to retrieve domains

    This commit adds thorough testing to make sure users who have a role
    on a project can use project-scoped tokens to call GET
    /v3/domain/{domain_id} for the domain own their project. These users
    are not allowed to access domains that they don't have any
    authorization via project role assignments.

    This ensures the domains API is tested with these cases and makes the
    domains API more self-serviceable for users that are not
    administrators.

    Change-Id: Ifc100a7a235140fbd07cbafe80983d3c2f17a7dc
    Closes-Bug: 1794864
    Related-Bug: 968696