yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #35283
[Bug 1474284] [NEW] Adding users from different domain to a group
Public bug reported:
I have created two domains. And I have created users in both the
domains. I created a group in first domain, and I tried adding those
users from other domains to this group, it added successfully.
But according to this page https://wiki.openstack.org/wiki/Domains, it should not allow.
Here are the steps to reproduce this :-
created new domain Domain9
curl -i -k -X POST https://url/v3/domains -H "Content-Type: application/json" -H "X-Auth-Token: $token" -d @domain.json
HTTP/1.1 201 Created
Date: Fri, 10 Jul 2015 09:48:15 GMT
Server: Apache/2.4.10 (Linux/SUSE)
Vary: X-Auth-Token
Content-Length: 214
Content-Type: application/json
{"domain": {"links": {"self":
"https://url/v3/domains/dc1d36c037ac4e47b3b21424f1a13273"}, "enabled":
true, "description": "Description.", "name": "Domain9", "id":
"dc1d36c037ac4e47b3b21424f1a13273"}}
created user fd22 in domain Domain9
curl -i -k -X POST https://url/v3/users -H "Content-Type: application/json" -H "X-Auth-Token: $token" -d @user.json
HTTP/1.1 201 Created
Date: Fri, 10 Jul 2015 09:49:27 GMT
Server: Apache/2.4.10 (Linux/SUSE)
Vary: X-Auth-Token
Content-Length: 269
Content-Type: application/json
{"user": {"links": {"self":
"https://url/v3/users/533979e9b80645799028c51ccec55cce"}, "description":
"Sample keystone test user", "name": "fd22", "enabled": true, "id":
"533979e9b80645799028c51ccec55cce", "domain_id":
"dc1d36c037ac4e47b3b21424f1a13273"}}
created user fd23 in default domain
vi user.json
provo-sand:~/bajarang # curl -i -k -X POST https://url/v3/users -H "Content-Type: application/json" -H "X-Auth-Token: $token" -d @user.json
HTTP/1.1 201 Created
Date: Fri, 10 Jul 2015 09:50:56 GMT
Server: Apache/2.4.10 (Linux/SUSE)
Vary: X-Auth-Token
Content-Length: 244
Content-Type: application/json
{"user": {"links": {"self":
"https://url/v3/users/8a43e5f3facb4fc2985a18a40de2046e"}, "description":
"Sample keystone test user", "name": "fd23", "enabled": true, "id":
"8a43e5f3facb4fc2985a18a40de2046e", "domain_id": "default"}}
created group DomainGroup10 in default domain
curl -i -k -X POST https://url/v3/groups -H "Content-Type: application/json" -H "X-Auth-Token: $token" -d @newgroup.json
HTTP/1.1 201 Created
Date: Fri, 10 Jul 2015 09:52:49 GMT
Server: Apache/2.4.10 (Linux/SUSE)
Vary: X-Auth-Token
Content-Length: 225
Content-Type: application/json
{"group": {"domain_id": "default", "description": "Description.", "id":
"0b72f1dd6f514adb989a752b9a72e005", "links": {"self":
"url/v3/groups/0b72f1dd6f514adb989a752b9a72e005"}, "name":
"DomainGroup10"}}
Added user 'fd22' from Domain9 to DomainGroup10
curl -i -k -X PUT https://url/v3/groups/0b72f1dd6f514adb989a752b9a72e005/users/533979e9b80645799028c51ccec55cce -H "Content-Type: application/json" -H "X-Auth-Token: $token"
HTTP/1.1 204 No Content
Date: Fri, 10 Jul 2015 09:53:17 GMT
Server: Apache/2.4.10 (Linux/SUSE)
Vary: X-Auth-Token
Content-Length: 0
Added user 'fd23' from Default to DomainGroup10
curl -i -k -X PUT https:/url/v3/groups/0b72f1dd6f514adb989a752b9a72e005/users/8a43e5f3facb4fc2985a18a40de2046e -H "Content-Type: application/json" -H "X-Auth-Token: $token"
HTTP/1.1 204 No Content
Date: Fri, 10 Jul 2015 09:54:20 GMT
Server: Apache/2.4.10 (Linux/SUSE)
Vary: X-Auth-Token
Content-Length: 0
** Affects: keystone
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1474284
Title:
Adding users from different domain to a group
Status in Keystone:
New
Bug description:
I have created two domains. And I have created users in both the
domains. I created a group in first domain, and I tried adding those
users from other domains to this group, it added successfully.
But according to this page https://wiki.openstack.org/wiki/Domains, it should not allow.
Here are the steps to reproduce this :-
created new domain Domain9
curl -i -k -X POST https://url/v3/domains -H "Content-Type: application/json" -H "X-Auth-Token: $token" -d @domain.json
HTTP/1.1 201 Created
Date: Fri, 10 Jul 2015 09:48:15 GMT
Server: Apache/2.4.10 (Linux/SUSE)
Vary: X-Auth-Token
Content-Length: 214
Content-Type: application/json
{"domain": {"links": {"self":
"https://url/v3/domains/dc1d36c037ac4e47b3b21424f1a13273"}, "enabled":
true, "description": "Description.", "name": "Domain9", "id":
"dc1d36c037ac4e47b3b21424f1a13273"}}
created user fd22 in domain Domain9
curl -i -k -X POST https://url/v3/users -H "Content-Type: application/json" -H "X-Auth-Token: $token" -d @user.json
HTTP/1.1 201 Created
Date: Fri, 10 Jul 2015 09:49:27 GMT
Server: Apache/2.4.10 (Linux/SUSE)
Vary: X-Auth-Token
Content-Length: 269
Content-Type: application/json
{"user": {"links": {"self":
"https://url/v3/users/533979e9b80645799028c51ccec55cce"},
"description": "Sample keystone test user", "name": "fd22", "enabled":
true, "id": "533979e9b80645799028c51ccec55cce", "domain_id":
"dc1d36c037ac4e47b3b21424f1a13273"}}
created user fd23 in default domain
vi user.json
provo-sand:~/bajarang # curl -i -k -X POST https://url/v3/users -H "Content-Type: application/json" -H "X-Auth-Token: $token" -d @user.json
HTTP/1.1 201 Created
Date: Fri, 10 Jul 2015 09:50:56 GMT
Server: Apache/2.4.10 (Linux/SUSE)
Vary: X-Auth-Token
Content-Length: 244
Content-Type: application/json
{"user": {"links": {"self":
"https://url/v3/users/8a43e5f3facb4fc2985a18a40de2046e"},
"description": "Sample keystone test user", "name": "fd23", "enabled":
true, "id": "8a43e5f3facb4fc2985a18a40de2046e", "domain_id":
"default"}}
created group DomainGroup10 in default domain
curl -i -k -X POST https://url/v3/groups -H "Content-Type: application/json" -H "X-Auth-Token: $token" -d @newgroup.json
HTTP/1.1 201 Created
Date: Fri, 10 Jul 2015 09:52:49 GMT
Server: Apache/2.4.10 (Linux/SUSE)
Vary: X-Auth-Token
Content-Length: 225
Content-Type: application/json
{"group": {"domain_id": "default", "description": "Description.",
"id": "0b72f1dd6f514adb989a752b9a72e005", "links": {"self":
"url/v3/groups/0b72f1dd6f514adb989a752b9a72e005"}, "name":
"DomainGroup10"}}
Added user 'fd22' from Domain9 to DomainGroup10
curl -i -k -X PUT https://url/v3/groups/0b72f1dd6f514adb989a752b9a72e005/users/533979e9b80645799028c51ccec55cce -H "Content-Type: application/json" -H "X-Auth-Token: $token"
HTTP/1.1 204 No Content
Date: Fri, 10 Jul 2015 09:53:17 GMT
Server: Apache/2.4.10 (Linux/SUSE)
Vary: X-Auth-Token
Content-Length: 0
Added user 'fd23' from Default to DomainGroup10
curl -i -k -X PUT https:/url/v3/groups/0b72f1dd6f514adb989a752b9a72e005/users/8a43e5f3facb4fc2985a18a40de2046e -H "Content-Type: application/json" -H "X-Auth-Token: $token"
HTTP/1.1 204 No Content
Date: Fri, 10 Jul 2015 09:54:20 GMT
Server: Apache/2.4.10 (Linux/SUSE)
Vary: X-Auth-Token
Content-Length: 0
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1474284/+subscriptions
Follow ups