This commit adds domain-scope to the scope_types for limit policies,
allowing domain users to access those APIs when enforce_scope is
enabled. This commit also introduces some tests that explicitly show
how domain users are expected to behave with the limits API. A
subsequent patch will do the same for project users.
This commit also modifies the GET /v3/limit policy to allow project
users to filter responses by project_id, which isn't entirely useful
outside of just calling the API with a project-scoped token.
Reviewed: https:/ /review. opendev. org/621023 /git.openstack. org/cgit/ openstack/ keystone/ commit/ ?id=f249c9e2b0f 39b688ba356feac a7818adfc9f739
Committed: https:/
Submitter: Zuul
Branch: master
commit f249c9e2b0f39b6 88ba356feaca781 8adfc9f739
Author: Lance Bragstad <email address hidden>
Date: Thu Nov 29 21:06:09 2018 +0000
Allow domain users to access the limit API
This commit adds domain-scope to the scope_types for limit policies,
allowing domain users to access those APIs when enforce_scope is
enabled. This commit also introduces some tests that explicitly show
how domain users are expected to behave with the limits API. A
subsequent patch will do the same for project users.
This commit also modifies the GET /v3/limit policy to allow project
users to filter responses by project_id, which isn't entirely useful
outside of just calling the API with a project-scoped token.
Change-Id: I9b38f3fd2f83ef d508b2d9a6c323b baa7169d4cd
Related-Bug: 1805880
Partial-Bug: 1818736