OpenStack Identity (keystone)

Delete role does not delete roles assignment in tenants

Bug #1057436 reported by Jose Castro Leon on 2012-09-27

This bug affects 2 people

Affects		Status	Importance	Assigned to	Milestone
	OpenStack Identity (keystone)	Fix Released	High	Jose Castro Leon	OpenStack Identity (keystone) 2013.1 "grizzly"

Bug Description

If you delete a role and there are tenants with users assigned with the same role, these roles assigments are not deleted.

Reproducible: always
1. Create tenant 'Project1'
2. Create role 'Member
3. Assign user as role 'Member' of tenant 'Project1'
4. Delete role 'Member'

Actual Result:
No error and there is still a role member on the tenant 'Project'

Expected Result:
No error and no information under tenants

See original description

Tags:

Jose Castro Leon (jose-castro-leon) on 2012-09-27

tags:	added: blueprint ldap-ad
Changed in keystone:
assignee:	nobody → Jose Castro Leon (jose-castro-leon)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2012-09-27: Fix proposed to keystone (master)

Fix proposed to branch: master
Review: https://review.openstack.org/13752

Changed in keystone:
status:	New → In Progress

Jose Castro Leon (jose-castro-leon) on 2012-10-01

summary:

- Delete role in LDAP backend does not delete roles in tenants
+ Delete role in LDAP backend does not delete rolegrants in tenants

Jose Castro Leon (jose-castro-leon) on 2012-10-01

summary:

- Delete role in LDAP backend does not delete rolegrants in tenants
+ Delete role in LDAP backend does not delete roles assignment in tenants

Joseph Heck (heckj) on 2012-10-02

Changed in keystone:
importance:	Undecided → High

Revision history for this message

Jose Castro Leon (jose-castro-leon) wrote on 2012-10-05:

While preparing the unit tests, I have just realized that this is also applicable for kvs and sql backend as well.

summary:	- Delete role in LDAP backend does not delete roles assignment in tenants + Delete role does not delete roles assignment in tenants
description:	updated
description:	updated

Jose Castro Leon (jose-castro-leon) on 2012-10-05

Changed in keystone:
status:	In Progress → Fix Committed

OpenStack Infra (hudson-openstack) on 2012-10-12

Changed in keystone:
status:	Fix Committed → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2012-10-12: Fix merged to keystone (master)

Reviewed: https://review.openstack.org/13752
Committed: http://github.com/openstack/keystone/commit/d05d1128490377e4c50311c40d0901aa5b63c4bc
Submitter: Jenkins
Branch: master

commit d05d1128490377e4c50311c40d0901aa5b63c4bc
Author: Jose Castro Leon <email address hidden>
Date: Fri Oct 12 08:49:50 2012 +0200

Delete role does not delete role assignments in tenants (bug 1057436)

Change-Id: I2474c2a74135470162030a243491ced59533c024

Changed in keystone:
status:	In Progress → Fix Committed

Joseph Heck (heckj) on 2012-11-20

Changed in keystone:
milestone:	none → grizzly-1

Thierry Carrez (ttx) on 2012-11-22

Changed in keystone:
status:	Fix Committed → Fix Released

Thierry Carrez (ttx) on 2013-04-04

Changed in keystone:
milestone:	grizzly-1 → 2013.1

Report a bug

This report contains Public information

Everyone can see this information.

Duplicates of this bug

Bug #1054362

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.