Users' maas api keys do not have a name
Bug #1536354 reported by
Scott Moser
This bug affects 4 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
MAAS |
Fix Released
|
Wishlist
|
Aymen Frikha |
Bug Description
i logged into a maas system where multiple have access to a single account.
looked to http://<IP>/MAAS/
I saw
"You'll need a separate API key for each Juju environment."
and 6 different keys.
There is no way to know who has what key, or any purpose for such keys.
that makes revoking keys difficult.
This issue doesn't have to occur because of shared account, If i had multiple juju environments, i'd quite likely have half a dozen keys generated. If I lost some, i'd have no easy way of knowing which were to be deleted and which were still in use.
Related branches
lp:~aym-frikha/maas/add-apikey-name-api
- Mike Pontillo (community): Approve
-
Diff: 528 lines (+336/-22)6 files modifiedsrc/maasserver/api/account.py (+61/-8)
src/maasserver/api/tests/test_api.py (+144/-5)
src/maasserver/management/commands/apikey.py (+52/-5)
src/maasserver/models/user.py (+6/-2)
src/maasserver/models/userprofile.py (+17/-2)
src/maasserver/tests/test_commands.py (+56/-0)
Changed in maas: | |
importance: | Undecided → Wishlist |
status: | New → Triaged |
milestone: | none → 2.0.0 |
summary: |
- users' maas api keys should have a name + Users' maas api keys do not have a name |
tags: | added: maas-shared-lab uosci |
Changed in maas: | |
milestone: | 2.0.0 → 2.1.0 |
tags: | added: sts |
Changed in maas: | |
assignee: | nobody → Aymen Frikha (aym-frikha) |
description: | updated |
Changed in maas: | |
status: | Triaged → In Progress |
Changed in maas: | |
status: | In Progress → Fix Committed |
Changed in maas: | |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
The new MAAS CLI that I'm working on allows you to log-in to MAAS with a username and password, but it does so only to obtain a new API key, thus removing the need to copy-and-paste the API key from the UI. It would be very useful to be able to add a note or comment (like "MAAS CLI / $<email address hidden>") alongside the newly minted key so it can be selectively removed later on.