Reviewed: https://review.opendev.org/683153 Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=c9148db371dfa449830d2fbe7c1345135ebddf3f Submitter: Zuul Branch: master
commit c9148db371dfa449830d2fbe7c1345135ebddf3f Author: Vishakha Agarwal <[email protected]> Date: Thu Sep 19 18:45:30 2019 +0530 Implement scope type checking for Project Endpoints This change updates the Project Endpoints policies to understand the scope types for Project Endpoints. This adds the test cases too. Change-Id: Id18036325b2f5b8836076408ecdd64523b19cbba Closes-Bug: #1844664 ** Changed in: keystone Status: In Progress => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Identity (keystone). https://bugs.launchpad.net/bugs/1844664 Title: Project Endpoints should account for system scope and default roles Status in OpenStack Identity (keystone): Fix Released Bug description: Project resources in keystone can be tagged with endpoints. Operations for managing project endpoints should only be managed by system administrators and not project-level or domain-level users. The policies that protect the project endpoints should understand system-scope [0]. [0] https://opendev.org/openstack/keystone/src/commit/18e0080af3dcc0a96ff5d98aeb5f517080a35fb2/keystone/common/policies/project_endpoint.py#L19-L66 To manage notifications about this bug go to: https://bugs.launchpad.net/keystone/+bug/1844664/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : [email protected] Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
