** Changed in: keystone
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1267096
Title:
v3/credentials API is admin-only
Status in OpenStack Identity (Keystone):
Fix Released
Bug description:
The default policy makes v3/credentials admin-only:
http://git.openstack.org/cgit/openstack/keystone/tree/etc/policy.json#n59
But in the docs, we say "generic credential storage per user" which
implies it's a user accessible interface.
Also, for the ec2 credential storage to work as a replacement for the
ec2tokens API, it needs to be user-accessible.
Seems like a more appropriate restriction would be to enforce that the
user_id in the request matches the token, or the user is admin, e.g
use "admin_or_owner" instead of "admin_required"
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1267096/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : [email protected]
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
