OpenStack Identity (keystone)

  1. Bug #1773967
  2. Comment #17

Comment 17 for bug 1773967

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to keystone (stable/queens)

Reviewed: https://review.opendev.org/694096
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=578be15629a84d1edcfda546a93b7ccbb6959720
Submitter: Zuul
Branch: stable/queens

commit 578be15629a84d1edcfda546a93b7ccbb6959720
Author: Jose Castro Leon <email address hidden>
Date: Tue Apr 23 15:38:16 2019 +0200

    Allows to use application credentials through group membership

    When using role assignment through groups, the user cannot use
    the application credentials created. This allows to look up
    the membership by checking inherited and group assignments.

    Conflicts:
        This change conflicts with newer branches because most of the
        logic in keystone/token/providers/common.py was refactored into
        keystone/models/token_model.py during the Rocky release. This
        refactor causes the stable/queens version to diverge from
        stable/rocky, stable/stein, and stable/train patches, although it
        is functionally equivalent to the approach used in later releases.

    Change-Id: If1bf5bd785a494923303265797311d42018ba7af
    Closes-Bug: #1773967
    (cherry picked from commit 14b25bc5d18842210cfffe1afdca475e848b84aa)
    (cherry picked from commit 933ea511d150ed2cbbd4265fc7513a9b3435baa2)
    (cherry picked from commit cf83fc10569e7b52eeb52c0e164dfe36daeec309)