Comment 4 for bug 1933271

Erno Kuvaja (jokke) wrote:

The 968696 was confirmed "Fix Released" in Train, so I do assume this is a new issue or regression, right? Especially as the problem is not documented anywhere.

Note that the Keystone Admin Guide [0] states:
"""We reserve the admin role for the most privileged operations within a given scope.""" and """Users with admin on a project shouldn’t be able to manage things outside the project because it would violate the tenancy of their role assignment (this doesn’t apply consistently since services are addressing this individually at their own pace)."""

And after that it lists the personas it has applied consistently since Train. By no means does it even hint that the issue is known or that Keystone itself would not honour the persona boundaries.

[0] https://docs.openstack.org/keystone/latest/admin/service-api-protection.html