yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1796077] [NEW] policy.json doesn't allow user to change password

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Ching Kuo <igene@xxxxxxxx>
Date: Thu, 04 Oct 2018 11:44:49 -0000
Reply-to: Bug 1796077 <1796077@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Public bug reported:

Currently in Keystone the default policy.v3cloudsample.json doesn't
allow user to change its password.

It's defined in:
"identity:update_user": "rule:cloud_admin or rule:admin_and_matching_target_user_domain_id"
which make user (which is owner in policy.json) unable to change it own password.

Not sure if this change is intended or not, but as a operator, I would
like to allow users to change its password by default.

** Affects: keystone
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1796077

Title:
  policy.json doesn't allow user to change password

Status in OpenStack Identity (keystone):
  New

Bug description:
  Currently in Keystone the default policy.v3cloudsample.json doesn't
  allow user to change its password.

  It's defined in:
  "identity:update_user": "rule:cloud_admin or rule:admin_and_matching_target_user_domain_id"
  which make user (which is owner in policy.json) unable to change it own password.

  Not sure if this change is intended or not, but as a operator, I would
  like to allow users to change its password by default.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1796077/+subscriptions

Follow ups

[Bug 1796077] Re: policy.json doesn't allow user to change password
From: Gage Hugo, 2018-10-04