yahoo-eng-team team mailing list archive

Thread
Date
[Bug 1221732] Re: clean tenant permissions for objects when deleteing tenant

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Dolph Mathews <1221732@xxxxxxxxxxxxxxxxxx>
Date: Fri, 06 Sep 2013 14:32:58 -0000
Reply-to: Bug 1221732 <1221732@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
*** This bug is a duplicate of bug 967832 ***
    https://bugs.launchpad.net/bugs/967832

Adding glance to bug 967832 and broadening the scope of that bug as a
result.

** This bug has been marked a duplicate of bug 967832
   Instances are still running when a tenant are deleted

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1221732

Title:
  clean tenant permissions for objects when deleteing tenant

Status in OpenStack Identity (Keystone):
  New

Bug description:
  I created a tenant and added it as a member on an image.

  [root@opens-XXXX ~(keystone_admin)]# keystone tenant-create --name blabla
  +-------------+----------------------------------+
  |   Property  |              Value               |
  +-------------+----------------------------------+
  | description |                                  |
  |   enabled   |               True               |
  |      id     | 13583923a73848179e06cda4bac1b064 |
  |     name    |              blabla              |

  
  [root@opens-XXXX ~(keystone_admin)]# keystone tenant-list 
  +----------------------------------+-------------+---------+
  |                id                |     name    | enabled |
  +----------------------------------+-------------+---------+
  | ad326a6c11a742c6bfdf4ad63be0c889 |    admin    |   True  |
  | 13583923a73848179e06cda4bac1b064 |    blabla   |   True  |
  | e91123ca35724285a783f33103875dcb |    dafna    |   True  |
  | b730cd0430114a24871916d7f112538d | new_project |   True  |
  | 5266b423a0324fca9958e59a5a13459a |   services  |   True  |
  +----------------------------------+-------------+---------+

  I added the tenant as a member on an image:

  [root@opens-XXXX ~(keystone_admin)]# glance member-list --image-id 282f2a9a-ab26-4a68-93c3-f534111ba76b
  +--------------------------------------+----------------------------------+-----------+
  | Image ID                             | Member ID                        | Can Share |
  +--------------------------------------+----------------------------------+-----------+
  | 282f2a9a-ab26-4a68-93c3-f534111ba76b | 13583923a73848179e06cda4bac1b064 |           |
  | 282f2a9a-ab26-4a68-93c3-f534111ba76b | b730cd0430114a24871916d7f112538d |           |
  | 282f2a9a-ab26-4a68-93c3-f534111ba76b | e91123ca35724285a783f33103875dcb |           |
  +--------------------------------------+----------------------------------+-----------+

  
  Than I deleted the tenant: 

  [root@opens-XXXX ~(keystone_admin)]# keystone tenant-delete
  13583923a73848179e06cda4bac1b064

  The tenant still appears as a member on the object:

  [root@opens-XXXX ~(keystone_admin)]# glance member-list --image-id 282f2a9a-ab26-4a68-93c3-f534111ba76b
  +--------------------------------------+----------------------------------+-----------+
  | Image ID                             | Member ID                        | Can Share |
  +--------------------------------------+----------------------------------+-----------+
  | 282f2a9a-ab26-4a68-93c3-f534111ba76b | 13583923a73848179e06cda4bac1b064 |           |
  | 282f2a9a-ab26-4a68-93c3-f534111ba76b | b730cd0430114a24871916d7f112538d |           |
  | 282f2a9a-ab26-4a68-93c3-f534111ba76b | e91123ca35724285a783f33103875dcb |           |
  +--------------------------------------+----------------------------------+-----------+

  
  I think that if we delete the tenant we should clean permissions that were added to it on different objects.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1221732/+subscriptions