** Changed in: keystone
Status: Fix Committed => Fix Released
** Changed in: keystone
Milestone: None => icehouse-2
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1233874
Title:
Need enhancement over bug fix1186059
Status in OpenStack Identity (Keystone):
Fix Released
Bug description:
As a fix for bug 1186059 we have added user_id from "x-subject-token" to the
API target and that is good to introduce a notion of token owner in policy.
https://review.openstack.org/#/c/46123/21/keystone/common/controller.py
Only user_id in the target is not sufficient to define a policy rule
like
"role:admin and domain_id:%(target.entity.domain_id)s" (admin role
from token owner's domain)
We need to introduce domain_id in policy_dict so that above mentioned
rule can be defined.
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1233874/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : [email protected]
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
