yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #00435
[Bug 1123184] Re: User Settings credentials and RC file shows tenants I do not belong to
Can't repro on trunk without a misconfigured service catalog.
** Also affects: horizon/folsom
Importance: Undecided
Status: New
** Changed in: horizon
Status: New => Invalid
** Changed in: horizon
Assignee: (unassigned) => Gabriel Hurley (gabriel-hurley)
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Dashboard (Horizon).
https://bugs.launchpad.net/bugs/1123184
Title:
User Settings credentials and RC file shows tenants I do not belong to
Status in OpenStack Dashboard (Horizon):
Invalid
Status in OpenStack Dashboard (Horizon) folsom series:
Incomplete
Bug description:
As mentioned in https://bugs.launchpad.net/horizon/+bug/1122758, going
to User Settings -> EC2 Credentials or OpenStack API when logged into
Horizon as a user without admin role in a tenant fails with a 500
Internal Server Error.
However, if I log into Horizon as a user with the admin role in a
tenant and go to aforementioned User Settings -> EC2 Credentials, I
can select from a list of projects to which I do not below (which
would make the credentials invalid when sourced or used).
See attached screenshot. Of the listed projects, the jp833r user only
belongs to the "ort" and "sandbox-iad1" tenants:
root@c4r3.iad1 15:45:50:~# keystone user-list | grep jp833r
| 5e928cfe1b5143c593d0ee4a666f52bf | jp833r | True | jp833r@xxxxxxx |
root@c4r3.iad1 15:45:57:~# keystone tenant-list
+----------------------------------+-----------------------+---------+
| id | name | enabled |
+----------------------------------+-----------------------+---------+
| 1325ad9790f143e68799ea69e0a2c1a3 | sandbox-iad1 | True |
| 44265397ab794b4d9411e2add40256f7 | rapidrhinorc-dev-iad1 | True |
| 4a6d33eb850044e9ad787403f3af7bdc | ort | True |
| 6344342bf8af4479a4f320a09dfb5526 | demo | true |
| 6f0d0e115b8340558a68d571ffeafee8 | admin | True |
| f12342a17806488f892a73bb8de5aace | service | true |
| f38e2353a3914dc2862dc38b2eff81ef | sl-tools | True |
+----------------------------------+-----------------------+---------+
root@c4r3.iad1 15:46:09:~# keystone role-list
+----------------------------------+------------------------+
| id | name |
+----------------------------------+------------------------+
| 17885447f6b643ce946cf0507c0ed902 | sysadmin |
| 234ad108c0d540e58d5d960921ad79c6 | member |
| 42e7d9bb4a334a6da6be2b5b4b8155a2 | admin |
| 6674bada314b4bd0aa66f5a235a4db52 | netadmin |
| 675881700bd74b06a5cb7ae9b6875f71 | keystone_service_admin |
| ac31c27876184f489dcbb74e5bb25414 | keystone_admin |
+----------------------------------+------------------------+
root@c4r3.iad1 15:46:23:~# keystone user-role-list --user-id 5e928cfe1b5143c593d0ee4a666f52bf --tenant-id 4a6d33eb850044e9ad787403f3af7bdc
+----------------------------------+--------+----------------------------------+----------------------------------+
| id | name | user_id | tenant_id |
+----------------------------------+--------+----------------------------------+----------------------------------+
| 234ad108c0d540e58d5d960921ad79c6 | member | 5e928cfe1b5143c593d0ee4a666f52bf | 4a6d33eb850044e9ad787403f3af7bdc |
| 42e7d9bb4a334a6da6be2b5b4b8155a2 | admin | 5e928cfe1b5143c593d0ee4a666f52bf | 4a6d33eb850044e9ad787403f3af7bdc |
+----------------------------------+--------+----------------------------------+----------------------------------+
root@c4r3.iad1 15:46:54:~# keystone user-role-list --user-id 5e928cfe1b5143c593d0ee4a666f52bf --tenant-id 1325ad9790f143e68799ea69e0a2c1a3
+----------------------------------+--------+----------------------------------+----------------------------------+
| id | name | user_id | tenant_id |
+----------------------------------+--------+----------------------------------+----------------------------------+
| 234ad108c0d540e58d5d960921ad79c6 | member | 5e928cfe1b5143c593d0ee4a666f52bf | 1325ad9790f143e68799ea69e0a2c1a3 |
+----------------------------------+--------+----------------------------------+----------------------------------+
To manage notifications about this bug go to:
https://bugs.launchpad.net/horizon/+bug/1123184/+subscriptions