Public bug reported: Listing domains via projects api (/v3/projects) using is_domain parameter with domain-scoped token always returns an empty list.
Steps to reproduce: 1. Get a domain-scoped token 2. Make a call to /v3/projects?is_domain=true with the token Expected: Domains are listed (given the policies allow it). Or i get an error message that it is impossible to list is_domain projects with a domain-scoped token. Observed: Domain list is empty. Probable reason: https://opendev.org/openstack/keystone/src/commit/1e7ecca881a51144d61ae8026e1a77d6669997e2/keystone/api/projects.py#L135-L139 - with domain-scoped token projects are filtered by domain_id. Domains have no domain_id and are filtered out. How it was discovered: Terraform OpenStack Provider does not use /v3/domains endpoint to fetch information about domains. Instead, /v3/projects is supposed to be used. https://github.com/terraform-provider-openstack/terraform-provider-openstack/tree/32f312ff538b846c32b93247f94c58163a6145f1/openstack ** Affects: keystone Importance: Undecided Status: New -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Identity (keystone). https://bugs.launchpad.net/bugs/1950325 Title: domain list via projects api with domain-scoped token is always empty Status in OpenStack Identity (keystone): New Bug description: Listing domains via projects api (/v3/projects) using is_domain parameter with domain-scoped token always returns an empty list. Steps to reproduce: 1. Get a domain-scoped token 2. Make a call to /v3/projects?is_domain=true with the token Expected: Domains are listed (given the policies allow it). Or i get an error message that it is impossible to list is_domain projects with a domain-scoped token. Observed: Domain list is empty. Probable reason: https://opendev.org/openstack/keystone/src/commit/1e7ecca881a51144d61ae8026e1a77d6669997e2/keystone/api/projects.py#L135-L139 - with domain-scoped token projects are filtered by domain_id. Domains have no domain_id and are filtered out. How it was discovered: Terraform OpenStack Provider does not use /v3/domains endpoint to fetch information about domains. Instead, /v3/projects is supposed to be used. https://github.com/terraform-provider-openstack/terraform-provider-openstack/tree/32f312ff538b846c32b93247f94c58163a6145f1/openstack To manage notifications about this bug go to: https://bugs.launchpad.net/keystone/+bug/1950325/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : [email protected] Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
