← Back to team overview

yahoo-eng-team team mailing list archive

[Bug 1398331] Re: Disabling current project raises an error "Not Authorized to do this operation" but also sets it as disabled.

 

@Doug, the only issue with that change happening in Keystone is that it
requires that there is always an active project.

I do agree the UX on this is sub-optimal, but it does in-fact work as
expected: disabling the project revokes all tokens, horizon is trying to
use a now revoked token.

I am thinking that the check is likely a horizon workflow check not a
Keystone imposed limitation.

For now I'm marking this as won't fix in keystone, unless there is a
strong voice that we need to change this. I'm, of course, open to
hearing alternatives to make the UX better.

** Changed in: keystone
       Status: New => Won't Fix

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1398331

Title:
  Disabling current project raises an error "Not Authorized to do this
  operation" but also sets it as disabled.

Status in OpenStack Dashboard (Horizon):
  In Progress
Status in OpenStack Identity (Keystone):
  Won't Fix

Bug description:
  When the admin tries to disable the current project through which it
  has logged in, it raises an error "Not Authorized to do this
  operation" but it sets it as disabled.

  Steps to Replicate.
  1. Create a test_project and add admin user as an administrator for the project. This admin user is the administrator for admin and demo projects as well.
  2. login as admin user and set test_project as the current project.
  3. Goto Identity -> Projects tab.
  4. Select the test_project, and click on its corresponding Enabled cell. Uncheck the Enabled box and click the tick mark button. An error will pop up "Not Authorized to do this operation". 
  5. Now when you try to access anything on the webpage a window will pop-up with the error message "Unauthorized: Unable to retrieve information."
  6. Logout and login again. Select admin/demo as the current project and goto Identity -> Projects Tab. The test_project will show as disabled (Enabled = False)

  Screenshots of the errors attached.

  I am not sure if the admin user can disable the project it is logged
  in from or not. If it can, then horizon should not raise an error and
  if it cannot then only the error message should pop up and the project
  should not be set as disabled.

To manage notifications about this bug go to:
https://bugs.launchpad.net/horizon/+bug/1398331/+subscriptions


References