Reviewed: https://review.openstack.org/619376 Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=c0e6d4498a7e6091212b2618a537eb786595397c Submitter: Zuul Branch: master
commit c0e6d4498a7e6091212b2618a537eb786595397c Author: Lance Bragstad <[email protected]> Date: Wed Nov 21 22:26:25 2018 +0000 Remove idp policies from policy.v3cloudsample.json By incorporating system-scope and default roles, we've effectively made these policies obsolete. We can simplify what we maintain and provide a more consistent, unified view of default idp behavior by removing them. Change-Id: I6091d1cdbc4e1fa3a3d5f83a707f003416a43ea0 Closes-Bug: 1804517 ** Changed in: keystone Status: In Progress => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Identity (keystone). https://bugs.launchpad.net/bugs/1804517 Title: Remove obsolete idp policies from policy.v3cloudsample.json Status in OpenStack Identity (keystone): Fix Released Bug description: Once support for scope types landed in the identity provider API policies, the policies in policy.v3cloudsample.json became obsolete [0][1]. We should add formal protection for the policies with enforce_scope = True in keystone.tests.unit.protection.v3 and remove the old policies from the v3 sample policy file. This will reduce confusion by having a true default policy for identity providers. [0] https://review.openstack.org/#/c/526145/ [1] https://git.openstack.org/cgit/openstack/keystone/tree/etc/policy.v3cloudsample.json?id=fb73912d87b61c419a86c0a9415ebdcf1e186927#n198 To manage notifications about this bug go to: https://bugs.launchpad.net/keystone/+bug/1804517/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : [email protected] Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
