Adding users from different domain to a group
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Invalid
|
Medium
|
Unassigned |
Bug Description
I have created two domains. And I have created users in both the domains. I created a group in first domain, and I tried adding those users from other domains to this group, it added successfully.
But according to this page https:/
Here are the steps to reproduce this :-
created new domain Domain9
curl -i -k -X POST https:/
HTTP/1.1 201 Created
Date: Fri, 10 Jul 2015 09:48:15 GMT
Server: Apache/2.4.10 (Linux/SUSE)
Vary: X-Auth-Token
Content-Length: 214
Content-Type: application/json
{"domain": {"links": {"self": "https:/
created user fd22 in domain Domain9
curl -i -k -X POST https:/
HTTP/1.1 201 Created
Date: Fri, 10 Jul 2015 09:49:27 GMT
Server: Apache/2.4.10 (Linux/SUSE)
Vary: X-Auth-Token
Content-Length: 269
Content-Type: application/json
{"user": {"links": {"self": "https:/
created user fd23 in default domain
vi user.json
provo-sand:
HTTP/1.1 201 Created
Date: Fri, 10 Jul 2015 09:50:56 GMT
Server: Apache/2.4.10 (Linux/SUSE)
Vary: X-Auth-Token
Content-Length: 244
Content-Type: application/json
{"user": {"links": {"self": "https:/
created group DomainGroup10 in default domain
curl -i -k -X POST https:/
HTTP/1.1 201 Created
Date: Fri, 10 Jul 2015 09:52:49 GMT
Server: Apache/2.4.10 (Linux/SUSE)
Vary: X-Auth-Token
Content-Length: 225
Content-Type: application/json
{"group": {"domain_id": "default", "description": "Description.", "id": "0b72f1dd6f514a
Added user 'fd22' from Domain9 to DomainGroup10
curl -i -k -X PUT https:/
HTTP/1.1 204 No Content
Date: Fri, 10 Jul 2015 09:53:17 GMT
Server: Apache/2.4.10 (Linux/SUSE)
Vary: X-Auth-Token
Content-Length: 0
Added user 'fd23' from Default to DomainGroup10
curl -i -k -X PUT https:/
HTTP/1.1 204 No Content
Date: Fri, 10 Jul 2015 09:54:20 GMT
Server: Apache/2.4.10 (Linux/SUSE)
Vary: X-Auth-Token
Content-Length: 0
Changed in keystone: | |
assignee: | nobody → jiaxi (tjxiter) |
Changed in keystone: | |
status: | Incomplete → Confirmed |
Changed in keystone: | |
status: | Confirmed → In Progress |
Changed in keystone: | |
assignee: | jiaxi (tjxiter) → nobody |
Changed in keystone: | |
assignee: | nobody → fengzhaoyang (fengchaoyang) |
Changed in keystone: | |
assignee: | fengzhaoyang (fengchaoyang) → nobody |
Can you do a listing on the domains to see if fd22 and fd23 have indeed moved? Our PUT operations will always return 204
Also, some things are a bit weird
"Added user 'fd22' from Domain9 to DomainGroup10" << does this mean Domain9 was a 'group' or a 'domain'?
I'm not seeing a problem in the last operations "Added user 'fd23' from Default to DomainGroup10"
- fd23 is a user in the default domain
- DomainGroup10 is a group in the default domain
- you added a user to a group. this is fine.
Domains are a store for {groups, users, projects}. Groups are a store for {users}.