yahoo-eng-team team mailing list archive

[OpenStack Infra <1878938@xxxxxxxxxxxxxxxxxx>]

Reviewed:  https://review.opendev.org/731087
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=c1dcbb05b4488f1fa3e7af4d9171d11702d94119
Submitter: Zuul
Branch:    master

commit c1dcbb05b4488f1fa3e7af4d9171d11702d94119
Author: Vishakha Agarwal <agarwalvishakha18@xxxxxxxxx>
Date:   Wed May 27 12:08:41 2020 +0530

    Delete system role assignments from system_assignment table
    
    This patch ensures to delete the system role assignments from
    all the assignment tables in keystone after deleting the role
    user has over the system.
    
    This also make sure of deleting stale role assignments before
    deleting role for the deployments that are already in this state.
    
    Closes-Bug: #1878938
    
    Change-Id: I4df19c45c870ff3fb78578ca1fb7dd0d35da3c82


** Changed in: keystone
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1878938

Title:
  System role assignments exist after system role delete

Status in OpenStack Identity (keystone):
  Fix Released

Bug description:
  How to reproduce:

  1. Create role:
  openstack role create dumb_reader
  2. Create system role assignment
  openstack role add --system all --user admin dumb_reader
  3. Check role:
  openstack role assignment list --system all
  4. Delete role:
  openstack role delete dumb_reader

  What is expected:
  All role assignments with the deleted role are removed.

  What is in the reality:
  System role assignments are left in the keystone.system_assignment table.

  Version of the Keystone: stable/train

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1878938/+subscriptions