ignore case in policy role checking
Bug #922660 reported by
Dan Prince
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Compute (nova) |
Fix Released
|
Medium
|
Dan Prince |
Bug Description
The default nova policy.json files specifies a default rule using the 'admin' role:
"admin_
In keystone however my admin role is 'Admin'.
This can lead to errors like this when trying to list instances in a multi-tenant setup:
root@nova1:~# nova list
Policy doesn't allow compute:
Changing the case of the role in policy.json will fix the issue... however in my opinion we should ignore case on role checking. We do this in Nova's context.py for example when setting 'is_admin'. Why not for policy.json files too?
Changed in nova: | |
status: | New → In Progress |
assignee: | nobody → Dan Prince (dan-prince) |
importance: | Undecided → Medium |
milestone: | none → essex-4 |
Changed in nova: | |
status: | Fix Committed → Fix Released |
Changed in nova: | |
milestone: | essex-4 → 2012.1 |
To post a comment you must log in.
Fix proposed to branch: master /review. openstack. org/3510
Review: https:/