← Back to team overview

yahoo-eng-team team mailing list archive

[Bug 1794376] Re: Domains API should account for system-scope and default roles

 

Reviewed:  https://review.openstack.org/605850
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=7fa424f1de1ac29c2d34d02cae04b845df5837b1
Submitter: Zuul
Branch:    master

commit 7fa424f1de1ac29c2d34d02cae04b845df5837b1
Author: Lance Bragstad <lbragstad@xxxxxxxxx>
Date:   Thu Sep 27 18:26:48 2018 +0000

    Implement system admin role in domains API
    
    This commit introduces the system admin role to the API, making it
    consistent with other system-admin policy definitions.
    
    Subsequent patches will include domain support for:
    
      - domain user test coverage
      - project user test coverage
    
    Change-Id: Ic9a789dc3f34d9735de3b4bc4bd48b41190cbfba
    Closes-Bug: 1794376
    Partial-Bug: 968696


** Changed in: keystone
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1794376

Title:
  Domains API should account for system-scope and default roles

Status in OpenStack Identity (keystone):
  Fix Released

Bug description:
  Keystone domains are an important resource that only system
  administrators, members, or readers should be able to manage. We
  should update the domain policies to include system-scoped test
  coverage and consumption of the new default roles in keystone.

  System administrators should be able to:
    - GET /v3/domains/
    - GET /v3/damains/{domain_id}
    - POST /v3/domains/
    - PATCH /v3/domains/{domain_id}
    - DELETE /v3/domains/{domain_id}

  System members should be able to:
    - GET /v3/domains/
    - GET /v3/damains/{domain_id}
    - PATCH /v3/domains/{domain_id}

  System readers should be able to:
    - GET /v3/domains/
    - GET /v3/damains/{domain_id}

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1794376/+subscriptions


References