Create trust failed with permission to list roles
Bug #1658582 reported by
hongbin
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| python-openstackclient |
Fix Released
|
Undecided
|
hongbin | ||
Bug Description
To reproduce the error:
$ source /opt/stack/
$ TRUSTOR_
$ TRUSTEE_
$ source /opt/stack/
$ openstack trust create --project demo --role Member $TRUSTOR_ID $TRUSTEE_ID
You are not authorized to perform the requested action: identity:list_roles (HTTP 403) (Request-ID: req-10468575-
If trustor is non-admin, he/she won't have enough permission to list roles. The create trust command should handle this case.
| Changed in python-openstackclient: | |
| assignee: | nobody → hongbin (hongbin034) |
| Changed in python-openstackclient: | |
| status: | New → In Progress |
Revision history for this message
| OpenStack Infra (hudson-openstack) wrote Fix merged to python-openstackclient (master) | #1 |
| Changed in python-openstackclient: | |
| status: | In Progress → Fix Released |
Revision history for this message
| OpenStack Infra (hudson-openstack) wrote Fix included in openstack/python-openstackclient 3.8.0 | #2 |
To post a comment you must log in.
Reviewed: https:/
Committed: https:/
Submitter: Jenkins
Branch: master
commit 5cf77bb672eeb28
Author: Hongbin Lu <email address hidden>
Date: Mon Jan 23 00:04:02 2017 -0600
Handle 403 error on creating trust
Currently, creating trust requires permission to list roles, but
non-admin users don't have permission to do that by default. This
commit adds exception handling on listing roles, and continue to
create trust if server returns 403.
Closes-Bug: #1658582
Change-Id: I4f016b76cb46ae