The '--domain' arg for identity commands should not require domain lookup
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
python-openstackclient |
Fix Released
|
Undecided
|
Nathan Kinder |
Bug Description
Performing a 'user list --domain <id>' requires list_domains, which a domain admin will not have. This results in a 403:
$ openstack --os-identity-
ERROR: openstack You are not authorized to perform the requested action: identity:
You can see that a 'list_domains' is being used, which is likely there to allow looking up the domain id by name. If the domain is specified by ID, we should be able to use it to perform the user list, which works fine via curl:
curl -i -H "X-Auth-Token: <token>" http://
We should attempt to look up the domain, but fall back to using the user-supplied domain argument as an ID if the lookup fails.
This same problem applies to the 'group list' command.
summary: |
- The '--domain' arg for the 'user list' commandshould not require domain + The '--domain' arg for the 'user list' command should not require domain lookup |
Changed in python-openstackclient: | |
assignee: | nobody → Nathan Kinder (nkinder) |
status: | New → In Progress |
Changed in python-openstackclient: | |
milestone: | none → m6 |
Changed in python-openstackclient: | |
status: | Fix Committed → Fix Released |
This also applies to listing projects.