Unimplemented get roles by group for project list
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Fix Released
|
Wishlist
|
Marcos Lobo |
Bug Description
The list_projects_
I think is necessary change this function to can search projects with associations across user_id and group_id.
USE CASE:
---------------
Check if user named 'u1' (inside group 'G2') has grants on project named 'p1'. We have this hierarchy:
P1 <- G1 <- G2 <- U1
In this use case, user 'U1' should have grants on project 'P1' because user 'U1' belongs to group 'G2', 'G2' belongs to 'G1', and 'G1' has grants on 'P1'.
What happens to the current code:
-------
User 'U1' has not grants on project 'P1'. That is because list_projects_
Changed in keystone: | |
assignee: | nobody → Marcos Lobo (marcos-fermin-lobo) |
description: | updated |
Changed in keystone: | |
importance: | Undecided → Wishlist |
tags: | added: ldap |
Changed in keystone: | |
milestone: | none → juno-1 |
Changed in keystone: | |
status: | Fix Committed → Fix Released |
Changed in keystone: | |
milestone: | juno-1 → 2014.2 |
Fix proposed to branch: master /review. openstack. org/76470
Review: https:/