yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1590805] Re: Revoking "admin" role from a group invalidates domain admin's token

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Colleen Murphy <colleen@xxxxxxxxxxx>
Date: Wed, 10 Oct 2018 07:53:45 -0000
Reply-to: Bug 1590805 <1590805@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Agreed, this looks like this was fixed in
https://review.openstack.org/440281 , please reopen if you disagree

** Changed in: keystone
       Status: Triaged => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1590805

Title:
  Revoking "admin" role from a group invalidates domain admin's token

Status in OpenStack Identity (keystone):
  Fix Released

Bug description:
  Steps to reproduce

  1. Login as domain admin
  2. Create a new group and grant "admin" role to it.
  3. Group will be empty with no users added to it.(Domain admin won't be part of this group)
  4. Now revoke "admin" role from this group.
  5. Token for domain admin will be invalidated and he/she has to login again.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1590805/+subscriptions

References

[Bug 1590805] [NEW] Revoking "admin" role from a group invalidates user token
From: Niranjana Adiga, 2016-06-09