yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1564851] [NEW] Using the latest keystone V3 policy throws a TypeError

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Rudolf Vriend <rudolf.vriend@xxxxxxx>
Date: Fri, 01 Apr 2016 11:06:44 -0000
Reply-to: Bug 1564851 <1564851@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Public bug reported:

Running horizon 9.0.0.0rc2 with the corresponding keystone V3 policy
version throws a TypeError while evaluating the policy rule
"cloud_admin": "role:admin and (token.is_admin_project:True or
domain_id:default)": 'Token' object has no attribute '__getitem__'

It seems that keystoneauth1, django_openstack_auth and horizon do not
fully support access to the required set of keystone attributes in the
auth context:
https://github.com/openstack/keystone/blob/master/keystone/common/authorization.py#L32-L51.

** Affects: horizon
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Dashboard (Horizon).
https://bugs.launchpad.net/bugs/1564851

Title:
  Using the latest keystone V3 policy throws a TypeError

Status in OpenStack Dashboard (Horizon):
  New

Bug description:
  Running horizon 9.0.0.0rc2 with the corresponding keystone V3 policy
  version throws a TypeError while evaluating the policy rule
  "cloud_admin": "role:admin and (token.is_admin_project:True or
  domain_id:default)": 'Token' object has no attribute '__getitem__'

  It seems that keystoneauth1, django_openstack_auth and horizon do not
  fully support access to the required set of keystone attributes in the
  auth context:
  https://github.com/openstack/keystone/blob/master/keystone/common/authorization.py#L32-L51.

To manage notifications about this bug go to:
https://bugs.launchpad.net/horizon/+bug/1564851/+subscriptions