rbac: fails to match if the user has multiple roles in the project
Affects | Status | Importance | Assigned to | Milestone | ||
---|---|---|---|---|---|---|
Juniper Openstack | Status tracked in Trunk | |||||
R4.0 |
Fix Committed
|
Undecided
|
Suresh Vinapamula | |||
R4.1 |
Fix Committed
|
Undecided
|
Suresh Vinapamula | |||
Trunk |
Fix Committed
|
Undecided
|
Suresh Vinapamula |
Bug Description
The user user1 has role role1 and role2 in a project and the acl rule is to allow VN.* R for role1 in which case the user was not able to read the VirtualNetwork.
root@server1:~# curl -H 'X-Auth-Token: 8819ad075eb64b3
Permission Denied for ctest-TestRbac2
root@server1:~#
Role List:
+------
| id | name | user_id | tenant_id |
+------
| e606f07163144df
| 3df14c76dc0a41c
+------
"api-
{
}
]
},
"fq_name": [
],
DEBUG:contrail-
WARNING:
Review in progress for https:/ /review. opencontrail. org/37422
Submitter: Suresh Vinapamula (<email address hidden>)