OpenStack Identity (keystone)

list_role_assignments does not return group roles assignments

Bug #1285065 reported by Marcos Lobo
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Identity (keystone)
Won't Fix
Wishlist
Unassigned

Bug Description

The list_role_assignments() function on LDAP assignment backend only returns users roles assignments, not groups roles assignments.

Allowing to obtain group role assignments too, we can achieve that a user can access to a project through a group.

In the list_role_assignments() function on SQL assignment backend that is implemented.

Tags: ldap
Marcos Lobo (marcos-fermin-lobo)
summary: - list_role_assignments does not returns group roles assignments
+ list_role_assignments does not return group roles assignments
Marcos Lobo (marcos-fermin-lobo)
Changed in keystone:
assignee: nobody → Marcos Lobo (marcos-fermin-lobo)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to keystone (master)

Fix proposed to branch: master
Review: https://review.openstack.org/76568

Changed in keystone:
status: New → In Progress
Dolph Mathews (dolph)
Changed in keystone:
importance: Undecided → Wishlist
Dolph Mathews (dolph)
tags: added: ldap
Changed in keystone:
status: In Progress → Triaged
Revision history for this message
David Stanek (dstanek) wrote :

Unassigning due to inactivity.

Changed in keystone:
assignee: Marcos Lobo (marcos-fermin-lobo) → nobody
Revision history for this message
Steve Martinelli (stevemar) wrote :

role assignments in ldap has been deprecated for at least one release, this will not be fixed

Changed in keystone:
status: Triaged → Won't Fix
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.