python-openstackclient

Openstack project list should use V3 unscoped token to get list of projects when a user doesn't have the admin privileges

Bug #1635021 reported by Elancheran S on 2016-10-19

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	python-openstackclient	New	Undecided	Unassigned

Bug Description

When only admin_or_owner is allowed to list_projects in keystone, the other user who are not `ProjectAdmin` or `Member` won't be able to see the list of project they have access to.

So when there is a 403 for `openstack project list` openstack client should revert back to use the unscoped token along with user filter to get the list of projects a user has access to when the user uses the `--os-identity-api-version 3`

http://developer.openstack.org/api-ref/identity/v3/?expanded=password-authentication-with-unscoped-authorization-detail

Elancheran S (tsecheran) on 2016-10-19

affects:

devstack → python-openstackclient

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.