commit c81bc1b29ae8bb7b64d961d0ea0d6afb009792b2
Author: Markus Hentsch <email address hidden>
Date: Fri Nov 3 10:43:34 2023 +0100
Add domain scoping to list_domains
Introduces domain-scoped filtering of the response list of the
list_domains endpoint when the user is authenticated in domain scope
instead of returning all domains. This aligns the implementation with
other endpoints like list_projects or list_groups and allows for a
domain-scoped reader role.
Changes the default policy rule for identity:list_domains to
incorporate this new behavior for the reader role.
Closes-Bug: 2041611
Change-Id: I8ee50efc3b4850060cce840fc904bae17f1503a9
(cherry picked from commit dd785ee692118a56ea0e3aaaf7f5bd6c73ea9c91)
(cherry picked from commit 7697140fc23cee66b17050651813ebe902671256)
Reviewed: https:/ /review. opendev. org/c/openstack /keystone/ +/921281 /opendev. org/openstack/ keystone/ commit/ c81bc1b29ae8bb7 b64d961d0ea0d6a fb009792b2
Committed: https:/
Submitter: "Zuul (22348)"
Branch: stable/2023.1
commit c81bc1b29ae8bb7 b64d961d0ea0d6a fb009792b2
Author: Markus Hentsch <email address hidden>
Date: Fri Nov 3 10:43:34 2023 +0100
Add domain scoping to list_domains
Introduces domain-scoped filtering of the response list of the list_domains to
list_domains endpoint when the user is authenticated in domain scope
instead of returning all domains. This aligns the implementation with
other endpoints like list_projects or list_groups and allows for a
domain-scoped reader role.
Changes the default policy rule for identity:
incorporate this new behavior for the reader role.
Closes-Bug: 2041611 060cce840fc904b ae17f1503a9 6ea0e3aaaf7f5bd 6c73ea9c91) 6b17050651813eb e902671256)
Change-Id: I8ee50efc3b4850
(cherry picked from commit dd785ee692118a5
(cherry picked from commit 7697140fc23cee6