Comment 0 for bug 1451313

If a project is added which the user does have a member role, then after selecting from the project list that project, it throws error, permission denied if multi tenancy is enabled, and we have set the cookie for that project which does have member role, so now onwards after clicking to any other config menu items, the same error occurs, as project cookie has been set to the member role project.

So to avoid this, we can have below:
1. Let the member role project be listed in the project list, as we can not get the role list without specifying user/password per tenant and we are not storing the user details, so selecting it, if 403 error comes from keystone, then do not change the project cookie from UI.