member_role_id/name conf options reference v2
Bug #1728690 reported by
Matthew Edmonds
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Fix Released
|
Medium
|
wangxiyuan |
Bug Description
The keystone v2 API has been removed, yet we still define the member_role_id and member_role_name conf options that say they are for v2. It appears that they may be used in some v3 code. That should either be modified so that these can be removed, or the help and docs for these options should be updated to explain their usage with v3.
tags: | added: office-hours |
Changed in keystone: | |
assignee: | nobody → wangxiyuan (wangxiyuan) |
Changed in keystone: | |
assignee: | wangxiyuan (wangxiyuan) → Colleen Murphy (krinkle) |
Changed in keystone: | |
assignee: | Colleen Murphy (krinkle) → wangxiyuan (wangxiyuan) |
Changed in keystone: | |
milestone: | none → queens-3 |
To post a comment you must log in.
I think the whole thing is safe to remove. The only logic that is not test or config that I can find is this which is called when creating a role:
if role['name'] == CONF.member_ role_name:
role[ 'id'] = CONF.member_role_id unique_ id(role)
# Use the configured member role ID when creating the configured
# member role name. This avoids the potential of creating a
# "member" role with an unexpected ID.
else:
role = self._assign_
In core, there is add_user_ to_project( which was the v2 implementation. That called ensure_ default_ role() to make sure the role existed. This whole path should be V2 onlymy and can be removed.