There is currently incomplete is_admin_project information in the token.
We can expose this already via keystoneauth because we have to handle
the default case where there is nothing in the token.
The default feels backwards but to handle the historical situation where
a deployment has not got the admin_project set all projects were in the
admin project so it must default to true for policy enforcement.
Adds the fixture handling as well for testing with this enabled.
Reviewed: https:/ /review. openstack. org/314409 /git.openstack. org/cgit/ openstack/ keystoneauth/ commit/ ?id=ed758638073 2842a0b52236a59 499d191033ef11
Committed: https:/
Submitter: Jenkins
Branch: master
commit ed7586380732842 a0b52236a59499d 191033ef11
Author: Jamie Lennox <email address hidden>
Date: Tue May 10 14:10:52 2016 +1000
Expose is_admin_project in AccessInfo
There is currently incomplete is_admin_project information in the token.
We can expose this already via keystoneauth because we have to handle
the default case where there is nothing in the token.
The default feels backwards but to handle the historical situation where
a deployment has not got the admin_project set all projects were in the
admin project so it must default to true for policy enforcement.
Adds the fixture handling as well for testing with this enabled.
Change-Id: I58db52427a2bac 6cd567944295597 71499dc7f5a
Closes-Bug: #1577996