CONF.member_role_name isn't used for lookups
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Invalid
|
Undecided
|
Unassigned |
Bug Description
The CONF.member_
1. openstack role create _member_
2. take the id and put it into the CONF file
3. restart keystone
to make this work. Worse there is a default member_role_id.
I think member_role_id should default to None, the _id should be generated on first request as per now and saved (somewhere), if member_role_id is needed and not cached then the first step should be to do a role lookup on an existing member_role_name.
Keystone should handle this like the default domain. https:/ /github. com/openstack/ keystone/ blob/master/ keystone/ common/ sql/migrate_ repo/versions/ 034_havana. py#L282 .