OpenStack Identity (keystone)

  1. Bug #1197874
  2. Comment #5

Comment 5 for bug 1197874

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to keystone (stable/grizzly)

Reviewed: https://review.openstack.org/38484
Committed: http://github.com/openstack/keystone/commit/27a5b42dbbdcb1f10138542cfa2fc5584470bace
Submitter: Jenkins
Branch: stable/grizzly

commit 27a5b42dbbdcb1f10138542cfa2fc5584470bace
Author: Henry Nash <email address hidden>
Date: Fri Jul 5 06:04:25 2013 +0100

    Fix issue with v3 tokens and group membership roles

    The driver calls used by v3 token controllers to obtain roles
    for a user on both project and domain were incorrectly implemented,
    leading to roles being missed out of the token. v2 tokens are not
    affected, since they don't use the same driver calls.

    This fixes these functions and adds additonal tests to cover the
    cases (all of which would fail without this patch). As part of this
    fix, the implementation of "get_roles_for_user_and_project() is
    pulled up into the driver class (like the domain equivalent is already),
    since, for all implementations, it is independant of backend technology.

    Fixes bug 1197874

    Change-Id: I48aaf79241c87377c6940ab6193fc3acd4006c94