Reviewed: https://review.openstack.org/620158 Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=7ce5e3e24e8291c0af387a72ce7b47c3b28a9f74 Submitter: Zuul Branch: master
commit 7ce5e3e24e8291c0af387a72ce7b47c3b28a9f74 Author: Lance Bragstad <[email protected]> Date: Mon Nov 26 20:43:09 2018 +0000 Update service provider policies for system admin This change makes the policy definitions for admin service provider operations consistent with the other service provider policies. Subsequent patches will incorporate: - domain users test coverage - project users test coverage Change-Id: I621192f089d1b29e2585d0030716348274e50bf1 Related-Bug: 1804520 Closes-Bug: 1804522 ** Changed in: keystone Status: In Progress => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Identity (keystone). https://bugs.launchpad.net/bugs/1804522 Title: Service provider API doesn't use default roles Status in OpenStack Identity (keystone): Fix Released Bug description: In Rocky, keystone implemented support to ensure at least three default roles were available [0]. The service provider (federation) API doesn't incorporate these defaults into its default policies [1], but it should. [0] http://specs.openstack.org/openstack/keystone-specs/specs/keystone/rocky/define-default-roles.html [1] https://git.openstack.org/cgit/openstack/keystone/tree/keystone/common/policies/service_provider.py?id=fb73912d87b61c419a86c0a9415ebdcf1e186927 To manage notifications about this bug go to: https://bugs.launchpad.net/keystone/+bug/1804522/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : [email protected] Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
