OpenStack Identity (keystone)

  1. Bug #1804521
  2. Comment #5

Comment 5 for bug 1804521

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix merged to keystone (master)

Reviewed: https://review.openstack.org/619613
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=57b3eb01623d286a5f3f69865a3f92178e6a5d8d
Submitter: Zuul
Branch: master

commit 57b3eb01623d286a5f3f69865a3f92178e6a5d8d
Author: Lance Bragstad <email address hidden>
Date: Thu Nov 22 15:58:23 2018 +0000

    Add mapping tests for system member role

    From keystone's perspective, the ``member`` and ``reader`` roles are
    effectively the same. This is primarily because the member role is
    really meant for project members and project-specific resources, which
    doesn't apply to mapping resources.

    This commit adds explicit testing to make sure the ``member`` role
    is allowed to perform readable and not writable mapping operations.
    Subsequent patches will incorporate:

     - system admin functionality
     - testing for domain users
     - testing for project users

     Related-Bug: 1804519
     Related-Bug: 1804521

    Change-Id: I8a7ecd37f4db59fb8e10b68b03bbaea543484e6d