From keystone's perspective, the ``member`` and ``reader`` roles are
effectively the same. This is primarily because the member role is
really meant for project members and project-specific resources, which
doesn't apply to mapping resources.
This commit adds explicit testing to make sure the ``member`` role
is allowed to perform readable and not writable mapping operations.
Subsequent patches will incorporate:
- system admin functionality
- testing for domain users
- testing for project users
Reviewed: https:/ /review. openstack. org/619613 /git.openstack. org/cgit/ openstack/ keystone/ commit/ ?id=57b3eb01623 d286a5f3f69865a 3f92178e6a5d8d
Committed: https:/
Submitter: Zuul
Branch: master
commit 57b3eb01623d286 a5f3f69865a3f92 178e6a5d8d
Author: Lance Bragstad <email address hidden>
Date: Thu Nov 22 15:58:23 2018 +0000
Add mapping tests for system member role
From keystone's perspective, the ``member`` and ``reader`` roles are
effectively the same. This is primarily because the member role is
really meant for project members and project-specific resources, which
doesn't apply to mapping resources.
This commit adds explicit testing to make sure the ``member`` role
is allowed to perform readable and not writable mapping operations.
Subsequent patches will incorporate:
- system admin functionality
- testing for domain users
- testing for project users
Related-Bug: 1804519
Related-Bug: 1804521
Change-Id: I8a7ecd37f4db59 fb8e10b68b03bba ea543484e6d