OpenStack Dashboard (Horizon)

  1. Bug #2054799
  2. Comment #1

Comment 1 for bug 2054799

Revision history for this message
Hua Zhang (zhhuabj) wrote : Re: Issue with Project administration at Cloud Admin level

I did some analysis according the data in https://paste.openstack.org/show/bnaAKV0YXlVn088MvsFB/

1, 'users = api.keystone.user_list(self.request)' gets the user admin(3436fc62a232444597496d57e5f4b5fc)

2, 'project_users_roles = api.keystone.get_project_users_roles(self.request, project=project_id)' gets

defaultdict(<class 'list'>, {'e900b8934d11458b8eb9db21671c1b11': ['a6ab948d1f7947a98e2363f14af10fbb']})

# openstack role add --user k8s-admin --user-domain k8s --project k8s --project-domain k8s k8s-admin-role
$ openstack role assignment list --project k8s
+----------------------------------+----------------------------------+-------+----------------------------------+--------+--------+-----------+
| Role | User | Group | Project | Domain | System | Inherited |
 +----------------------------------+----------------------------------+-------+----------------------------------+--------+--------+-----------+
| a6ab948d1f7947a98e2363f14af10fbb | e900b8934d11458b8eb9db21671c1b11 | | 07123041ee0544e0ab32e50dde780afd | | | False |
 +----------------------------------+----------------------------------+-------+----------------------------------+--------+--------+-----------+
$ openstack role list |grep k8s
| a6ab948d1f7947a98e2363f14af10fbb | k8s-admin-role |

3, the user e900b8934d11458b8eb9db21671c1b11 (k8s-admin) is in the domain k8s

$ openstack user list --domain k8s
+----------------------------------+-----------+
| ID | Name |
 +----------------------------------+-----------+
| e900b8934d11458b8eb9db21671c1b11 | k8s-admin |
 +----------------------------------+-----------+

not in the default domain

$ openstack user list
+----------------------------------+----------+
| ID | Name |
 +----------------------------------+----------+
| 3436fc62a232444597496d57e5f4b5fc | admin |
| 7413f0a568fb41409e93c3179c9f8a50 | demo |
| 2dcabd8e53e0424a8974c7948268868d | alt_demo |
 +----------------------------------+----------+

$ env |grep OS_
OS_PASSWORD=openstack
OS_IDENTITY_API_VERSION=3
OS_USER_DOMAIN_NAME=admin_domain
OS_REGION_NAME=RegionOne
OS_AUTH_URL=https://10.5.1.174:5000/v3
OS_PROJECT_DOMAIN_NAME=admin_domain
OS_AUTH_PROTOCOL=https
OS_USERNAME=admin
OS_AUTH_TYPE=password
OS_PROJECT_NAME=admin