OpenStack Identity (keystone)

  1. Bug #1794864
  2. Comment #3

Comment 3 for bug 1794864

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to keystone (master)

Reviewed: https://review.openstack.org/605851
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=1d32de5fe9c8465e2a70bf75dba7bdfeefa80ec9
Submitter: Zuul
Branch: master

commit 1d32de5fe9c8465e2a70bf75dba7bdfeefa80ec9
Author: Lance Bragstad <email address hidden>
Date: Thu Sep 27 19:12:20 2018 +0000

    Allow domain users to access the GET domain API

    This change updates the policy for identity:get_domains to allow
    users with role assignments on a domain to fetch the domain. As long
    as they call the API with a domain scoped token, they should be
    authorized to retrieve the domain. Subsequent patches will do the
    same for project users.

    Change-Id: I83a9b8af775580d36a1141be55e9c1cc283a75b6
    Partial-Bug: 1794864
    Partial-Bug: 968696