← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #13459

[Bug 1305606] [NEW] User with "Member" role should be able to execute user-get api

  Thread PreviousDate PreviousThread Next 
Public bug reported:

User demo (MEMBER role) cannot execute user-get (GET /v2.0/users/demo
HTTP/1.1" 403)

source openrc demo demo
keystone user-get demo 
You are not authorized to perform the requested action, admin_required. (HTTP 403)

But user with admin role in tenant can check his details.
Also the extra field in user is not fetched after making the GET call

source openrc admin demo
devstack$ keystone user-get demo 
+----------+----------------------------------+
| Property |              Value               |
+----------+----------------------------------+
|  email   |         demo@xxxxxxxxxxx         |
| enabled  |               True               |
|    id    | bd5d9664372b4c88bb7aef77b8f45310 |
|   name   |               demo               |
| tenantId | a04ed8cef5ff49058647a1ae517ef21e |
| username |               demo               |
+----------+----------------------------------+

** Affects: keystone
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1305606

Title:
  User with  "Member" role  should be able to execute user-get api

Status in OpenStack Identity (Keystone):
  New

Bug description:
  User demo (MEMBER role) cannot execute user-get (GET /v2.0/users/demo
  HTTP/1.1" 403)

  source openrc demo demo
  keystone user-get demo 
  You are not authorized to perform the requested action, admin_required. (HTTP 403)

  But user with admin role in tenant can check his details.
  Also the extra field in user is not fetched after making the GET call

  source openrc admin demo
  devstack$ keystone user-get demo 
  +----------+----------------------------------+
  | Property |              Value               |
  +----------+----------------------------------+
  |  email   |         demo@xxxxxxxxxxx         |
  | enabled  |               True               |
  |    id    | bd5d9664372b4c88bb7aef77b8f45310 |
  |   name   |               demo               |
  | tenantId | a04ed8cef5ff49058647a1ae517ef21e |
  | username |               demo               |
  +----------+----------------------------------+

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1305606/+subscriptions

Follow ups

References

  Thread PreviousDate PreviousThread Next