yahoo-eng-team team mailing list archive

[Brian Tully <brian.tully@xxxxxx>]

Public bug reported:

When domain scoped tokens are used against Keystone v3, the Domain Admin
user should not have the permissions to manage or list quotas, nor the
permissions to view usages for projects. These table actions should be
removed within the Identity/Projects table if the logged in user is not
the Cloud Admin.

Note: this bug will only be present when Horizon is configured with a
keystone v3 policy file and all the dependent patches related to domain
scoped tokens applied to horizon, keystone, django-openstack-auth and
python-keystoneclient.

** Affects: horizon
     Importance: Undecided
     Assignee: Brian Tully (brian-tully)
         Status: In Progress

** Changed in: horizon
     Assignee: (unassigned) => Brian Tully (brian-tully)

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Dashboard (Horizon).
https://bugs.launchpad.net/bugs/1462020

Title:
  For non Cloud Admin user, Quota and Usage table actions should not be
  displayed (Keystone v3 Domains)

Status in OpenStack Dashboard (Horizon):
  In Progress

Bug description:
  When domain scoped tokens are used against Keystone v3, the Domain Admin
  user should not have the permissions to manage or list quotas, nor the
  permissions to view usages for projects. These table actions should be
  removed within the Identity/Projects table if the logged in user is not
  the Cloud Admin.

  Note: this bug will only be present when Horizon is configured with a
  keystone v3 policy file and all the dependent patches related to
  domain scoped tokens applied to horizon, keystone, django-openstack-
  auth and python-keystoneclient.

To manage notifications about this bug go to:
https://bugs.launchpad.net/horizon/+bug/1462020/+subscriptions