Owner role is broken in default v2 policy file
Bug #1329864 reported by
Haneef Ali
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Opinion
|
Wishlist
|
Unassigned |
Bug Description
In v2 policy.json owner is defined as
"owner" : "user_id:
It should be
"owner" : "user_id:
Affected APIs,
Using default v2 policy file a user can't delete his own token due to this defect
To post a comment you must log in.
That's originally by design, but I agree with the notion that users should be able to delete their own tokens, even though it's traditionally an administrative function (I see it as "logging out").