← Back to team overview

yahoo-eng-team team mailing list archive

[Bug 1474284] [NEW] Adding users from different domain to a group

 

Public bug reported:

I have created two domains. And I have created users in both the
domains. I created a group in first domain, and I tried adding those
users from other domains to this group, it added successfully.


But according to this page https://wiki.openstack.org/wiki/Domains, it should not allow.

Here are the steps to reproduce this :-
created new domain Domain9


curl -i -k -X POST https://url/v3/domains -H "Content-Type: application/json" -H "X-Auth-Token: $token" -d @domain.json
HTTP/1.1 201 Created
Date: Fri, 10 Jul 2015 09:48:15 GMT
Server: Apache/2.4.10 (Linux/SUSE)
Vary: X-Auth-Token
Content-Length: 214
Content-Type: application/json

{"domain": {"links": {"self":
"https://url/v3/domains/dc1d36c037ac4e47b3b21424f1a13273"}, "enabled":
true, "description": "Description.", "name": "Domain9", "id":
"dc1d36c037ac4e47b3b21424f1a13273"}}



created  user fd22 in domain Domain9


 curl -i -k -X POST https://url/v3/users -H "Content-Type: application/json" -H "X-Auth-Token: $token" -d @user.json
HTTP/1.1 201 Created
Date: Fri, 10 Jul 2015 09:49:27 GMT
Server: Apache/2.4.10 (Linux/SUSE)
Vary: X-Auth-Token
Content-Length: 269
Content-Type: application/json

{"user": {"links": {"self":
"https://url/v3/users/533979e9b80645799028c51ccec55cce"}, "description":
"Sample keystone test user", "name": "fd22", "enabled": true, "id":
"533979e9b80645799028c51ccec55cce", "domain_id":
"dc1d36c037ac4e47b3b21424f1a13273"}}


created user fd23 in default domain


vi user.json
provo-sand:~/bajarang # curl -i -k -X POST https://url/v3/users -H "Content-Type: application/json" -H "X-Auth-Token: $token" -d @user.json
HTTP/1.1 201 Created
Date: Fri, 10 Jul 2015 09:50:56 GMT
Server: Apache/2.4.10 (Linux/SUSE)
Vary: X-Auth-Token
Content-Length: 244
Content-Type: application/json

{"user": {"links": {"self":
"https://url/v3/users/8a43e5f3facb4fc2985a18a40de2046e"}, "description":
"Sample keystone test user", "name": "fd23", "enabled": true, "id":
"8a43e5f3facb4fc2985a18a40de2046e", "domain_id": "default"}}


created group DomainGroup10 in default domain


curl -i -k -X POST https://url/v3/groups -H "Content-Type: application/json" -H "X-Auth-Token: $token" -d @newgroup.json
HTTP/1.1 201 Created
Date: Fri, 10 Jul 2015 09:52:49 GMT
Server: Apache/2.4.10 (Linux/SUSE)
Vary: X-Auth-Token
Content-Length: 225
Content-Type: application/json

{"group": {"domain_id": "default", "description": "Description.", "id":
"0b72f1dd6f514adb989a752b9a72e005", "links": {"self":
"url/v3/groups/0b72f1dd6f514adb989a752b9a72e005"}, "name":
"DomainGroup10"}}


Added user 'fd22' from  Domain9 to DomainGroup10


curl -i -k -X PUT https://url/v3/groups/0b72f1dd6f514adb989a752b9a72e005/users/533979e9b80645799028c51ccec55cce -H "Content-Type: application/json" -H "X-Auth-Token: $token"
HTTP/1.1 204 No Content
Date: Fri, 10 Jul 2015 09:53:17 GMT
Server: Apache/2.4.10 (Linux/SUSE)
Vary: X-Auth-Token
Content-Length: 0

Added user 'fd23'  from Default  to DomainGroup10

 curl -i -k -X PUT https:/url/v3/groups/0b72f1dd6f514adb989a752b9a72e005/users/8a43e5f3facb4fc2985a18a40de2046e -H "Content-Type: application/json" -H "X-Auth-Token: $token"
HTTP/1.1 204 No Content
Date: Fri, 10 Jul 2015 09:54:20 GMT
Server: Apache/2.4.10 (Linux/SUSE)
Vary: X-Auth-Token
Content-Length: 0

** Affects: keystone
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1474284

Title:
  Adding users from different domain to a group

Status in Keystone:
  New

Bug description:
  I have created two domains. And I have created users in both the
  domains. I created a group in first domain, and I tried adding those
  users from other domains to this group, it added successfully.

  
  But according to this page https://wiki.openstack.org/wiki/Domains, it should not allow.

  Here are the steps to reproduce this :-
  created new domain Domain9


  
  curl -i -k -X POST https://url/v3/domains -H "Content-Type: application/json" -H "X-Auth-Token: $token" -d @domain.json
  HTTP/1.1 201 Created
  Date: Fri, 10 Jul 2015 09:48:15 GMT
  Server: Apache/2.4.10 (Linux/SUSE)
  Vary: X-Auth-Token
  Content-Length: 214
  Content-Type: application/json

  {"domain": {"links": {"self":
  "https://url/v3/domains/dc1d36c037ac4e47b3b21424f1a13273"}, "enabled":
  true, "description": "Description.", "name": "Domain9", "id":
  "dc1d36c037ac4e47b3b21424f1a13273"}}



  
  created  user fd22 in domain Domain9


   curl -i -k -X POST https://url/v3/users -H "Content-Type: application/json" -H "X-Auth-Token: $token" -d @user.json
  HTTP/1.1 201 Created
  Date: Fri, 10 Jul 2015 09:49:27 GMT
  Server: Apache/2.4.10 (Linux/SUSE)
  Vary: X-Auth-Token
  Content-Length: 269
  Content-Type: application/json

  {"user": {"links": {"self":
  "https://url/v3/users/533979e9b80645799028c51ccec55cce"},
  "description": "Sample keystone test user", "name": "fd22", "enabled":
  true, "id": "533979e9b80645799028c51ccec55cce", "domain_id":
  "dc1d36c037ac4e47b3b21424f1a13273"}}

  
  created user fd23 in default domain

  
  vi user.json
  provo-sand:~/bajarang # curl -i -k -X POST https://url/v3/users -H "Content-Type: application/json" -H "X-Auth-Token: $token" -d @user.json
  HTTP/1.1 201 Created
  Date: Fri, 10 Jul 2015 09:50:56 GMT
  Server: Apache/2.4.10 (Linux/SUSE)
  Vary: X-Auth-Token
  Content-Length: 244
  Content-Type: application/json

  {"user": {"links": {"self":
  "https://url/v3/users/8a43e5f3facb4fc2985a18a40de2046e"},
  "description": "Sample keystone test user", "name": "fd23", "enabled":
  true, "id": "8a43e5f3facb4fc2985a18a40de2046e", "domain_id":
  "default"}}


  created group DomainGroup10 in default domain


  curl -i -k -X POST https://url/v3/groups -H "Content-Type: application/json" -H "X-Auth-Token: $token" -d @newgroup.json
  HTTP/1.1 201 Created
  Date: Fri, 10 Jul 2015 09:52:49 GMT
  Server: Apache/2.4.10 (Linux/SUSE)
  Vary: X-Auth-Token
  Content-Length: 225
  Content-Type: application/json

  {"group": {"domain_id": "default", "description": "Description.",
  "id": "0b72f1dd6f514adb989a752b9a72e005", "links": {"self":
  "url/v3/groups/0b72f1dd6f514adb989a752b9a72e005"}, "name":
  "DomainGroup10"}}


  Added user 'fd22' from  Domain9 to DomainGroup10

  
  curl -i -k -X PUT https://url/v3/groups/0b72f1dd6f514adb989a752b9a72e005/users/533979e9b80645799028c51ccec55cce -H "Content-Type: application/json" -H "X-Auth-Token: $token"
  HTTP/1.1 204 No Content
  Date: Fri, 10 Jul 2015 09:53:17 GMT
  Server: Apache/2.4.10 (Linux/SUSE)
  Vary: X-Auth-Token
  Content-Length: 0

  Added user 'fd23'  from Default  to DomainGroup10

   curl -i -k -X PUT https:/url/v3/groups/0b72f1dd6f514adb989a752b9a72e005/users/8a43e5f3facb4fc2985a18a40de2046e -H "Content-Type: application/json" -H "X-Auth-Token: $token"
  HTTP/1.1 204 No Content
  Date: Fri, 10 Jul 2015 09:54:20 GMT
  Server: Apache/2.4.10 (Linux/SUSE)
  Vary: X-Auth-Token
  Content-Length: 0

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1474284/+subscriptions


Follow ups