project admin unable to fetch it's own domain
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Fix Committed
|
Medium
|
Lance Bragstad | ||
Queens |
In Progress
|
Medium
|
Guang Yee | ||
Rocky |
Fix Committed
|
Medium
|
Guang Yee |
Bug Description
NOTE: This bug impacts stable/rocky and possibly stable/queens release. Master branch is not impacted.
The "RULE_ADMIN_
https:/
https:/
This resulted in domain admin unable to fetch his own domain. Looks like we switched over to oslo_context around stable/queens timeframe. And the token (TokenModel) is no longer in the auth_context which caused this rule to fail.
'token.
The problem was corrected recently in the master branch by this patch
https:/
where to token is added back to the auth_context.
Changed in keystone: | |
milestone: | none → stein-3 |
milestone: | stein-3 → stein-2 |
assignee: | nobody → Lance Bragstad (lbragstad) |
On master, this is a duplicate bug [0], which has already been fixed [1].
Keeping this as a separate bug for now since the fix to the stable branches are going to be different. We can't backport the fix to master because it requires updated versions of oslo.policy.
[0] https:/ /bugs.launchpad .net/keystone/ +bug/1794864 /review. openstack. org/#/c/ 605539/
[1] https:/