Comment 12 for bug 1526462

Revision history for this message
Andrey Grebennikov (agrebennikov) wrote :

It looks like the issue was not fixed.
With the patch applied, it is possible to get users as group members ("openstack group contains user"), but at the same time assignments don't work correctly.
When I assign a role in a project to the group instead of the user, I'm expecting the role would be inherited by the user. Nevertheless it comes to:

    def list_groups_for_user(self, user_id, hints):
        user_ref = self._get_user(user_id)
        user_dn = user_ref['dn']
        return self.group.list_user_groups_filtered(user_dn, hints)

where we still have "dn" hardcoded.
Here we should have something similar to:

    def list_users_in_group(self, group_id, hints):
        users = []
        for user_key in self.group.list_group_users(group_id):
            if self.conf.ldap.group_members_are_ids:
                user_id = user_key
            else:
                user_id = self.user._dn_to_id(user_key)