← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #33693

[Bug 1464652] Re: loss of privileges of current admin user

  Thread PreviousDate PreviousThread Next 
This is by design on the keystone side. As a consequence of a reducing a
user's current authorization, relevant tokens are revoked and the user
must subsequently re-authenticate.

If horizon stored an unscoped token along with the active scoped token,
it could re-authenticate for another scoped token transparently to the
end user. Because I've seen this reported a couple times over the years,
I'm going to punt to Horizon this time :)

** Also affects: horizon
   Importance: Undecided
       Status: New

** Changed in: keystone
       Status: New => Won't Fix

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1464652

Title:
  loss of privileges of current admin user

Status in OpenStack Dashboard (Horizon):
  New
Status in OpenStack Identity (Keystone):
  Won't Fix

Bug description:
  When I'm logged into openstack  as the "admin" user into a project.
  I created a new project and added "admin" user to it and saved. Again I removed user "admin" from the same project and saved. Then he ("admin" user) looses all his admin privileges from the current session. He can't see any projects or users.  We will  have to log in again to re-gain the admin privileges.

  In detail:
  1. Log in as user "admin"
  2. Select "Current Project = admin", "View = admin"
  3. Click "Projects"
  4. Click "+ Create Project"
  5. Name: "test", Description: "", Enabled: checked
  6. Project Members: click the "+" for "admin", now the admin user is added
     with the "_member_" role
  7. Click "Create Project" to close the dialog window
  8. In the column of project "test", click on "Modify Users"
  9. Click on the "-" for the "admin" user to remove her
  10. Click "Save"
  11. An error pops up, "Error: Unauthorized: Unable to retrieve project list."

To manage notifications about this bug go to:
https://bugs.launchpad.net/horizon/+bug/1464652/+subscriptions

References

  Thread PreviousDate PreviousThread Next