Users with any role on a domain have no ability to use trusts. That
privilege is only granted to project users, who may create trusts for
their own project and list and delete their own trusts, and system
users, who may audit and clean up trusts. This change adds tests to
verify that behavior.
Reviewed: https:/ /review. opendev. org/677020 /git.openstack. org/cgit/ openstack/ keystone/ commit/ ?id=686ec6dda6d fa73e9634979231 bcd9b2edbd1da8
Committed: https:/
Submitter: Zuul
Branch: master
commit 686ec6dda6dfa73 e9634979231bcd9 b2edbd1da8
Author: Colleen Murphy <email address hidden>
Date: Fri Aug 16 11:36:03 2019 -0700
Add tests for domain users for trusts
Users with any role on a domain have no ability to use trusts. That
privilege is only granted to project users, who may create trusts for
their own project and list and delete their own trusts, and system
users, who may audit and clean up trusts. This change adds tests to
verify that behavior.
Change-Id: I8404c062cc07ef 83bf77fdd917891 9aff0a0d6d5
Partial-bug: #1818850