yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1103033] Re: Admin users cannot use privileged commands if they have no tenant/project associated with them

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Dolph Mathews <1103033@xxxxxxxxxxxxxxxxxx>
Date: Wed, 06 Mar 2013 20:51:50 -0000
Reply-to: Bug 1103033 <1103033@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

This appears to be two separate issues, the first of which is by design.
Users do not have roles without requesting authorization on a tenant,
but we're working towards supporting domain-admins, etc, to make the
semantic more meaningful.

On the second issue.... by "show a warning", are you referring to
horizon? A similar issue/solution is being worked in a horizon BP.

** Changed in: keystone
       Status: New => Won't Fix

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1103033

Title:
  Admin users cannot use privileged commands if they have no
  tenant/project associated with them

Status in OpenStack Identity (Keystone):
  Won't Fix

Bug description:
  The admin user *needs* to have a tenant/project associated to be able
  to do admin commands like, for instance, creating a tenant.

  Otherwise, the account is inaccessible and regular management is not
  possible.

  I know that users are expected to be associated to at least one tenant
  (e.g. https://bugs.launchpad.net/keystone/+bug/963176), but it would
  be nice to show a warning if an admin tries to delete the only tenant
  they're associated with

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1103033/+subscriptions