[Openstack] New role and Group link on Dashboard

Fri, 14 Feb 2014 03:20:07 -0800 

Hello,I am struggling on this problem for 2 weeks. I am using updated Openstack 
Havana on Ubuntu 12.04 LTS. Dashboard and controller services are installed 
different servers. Controller server has keystone, nova etc services. Dashboard 
is installed standalone. I created a role "manager" on keystone, I added this 
role on policy.json file and give permission to manage groups (after some 
tests, I gave almost all identity permissions). In dashboard server, I wanted 
to create a group link on Project Dashboard. In order to see this link, I 
copied 
/usr/share/openstack-dashboard/openstack_dashboard/dashboards/admin/groups 
folder to 
/usr/share/openstack-dashboard/openstack_dashboard/dashboards/project/groups. I 
changed all links which defined for admin dashboard to project dashboard in 
groups folder files. I defined a new panel on Project Dashboard.py file. Now I 
can see Groups link on Project dashboard just below.In addition, I defined 
permission = ("openstack.role.manager") in newly created groups panel because I 
want to enable this link just for manager role.
  
My problem is that If user has an admin rights this groups link works ok. If I 
give a user to manager rights, Groups link can be seen in the first login, but 
when I click to the Groups link I have this error:

  

I tried to change keystone_policy.json on dashboard (same with keystone's 
policy.json). I tried to debug all logs but I cannot see any error on 
permission side. There is no error on Keystone server debug. I checked apache 
logs for dashboard error, but nothing wrong. Somehow dashboard do not allow 
manager role user to get in newly created groups page.I have this logs on my 
apache2/error.log:
    [Fri Feb 14 08:39:36 2014] [error] REQ: curl -i -X POST 
http://controller:5000/v3/auth/tokens -H "Content-Type: application/json" -H 
"User-Agent: python-keystoneclient"
[Fri Feb 14 08:39:36 2014] [error] REQ BODY: {"auth": {"identity": {"methods": 
["password"], "password": {"user": {"domain": {"name": "Default"}, "name": 
"manageruser", "password": "xxxxx"}}}}}
[Fri Feb 14 08:39:36 2014] [error]
[Fri Feb 14 08:39:36 2014] [error] INFO:urllib3.connectionpool:Starting new 
HTTP connection (1): controller
[Fri Feb 14 08:39:36 2014] [error] DEBUG:urllib3.connectionpool:"POST 
/v3/auth/tokens HTTP/1.1" 201 6525
[Fri Feb 14 08:39:36 2014] [error] RESP: [201] 
CaseInsensitiveDict({'x-subject-token': xxxxxxxxx
[Fri Feb 14 08:39:36 2014] [error] RESP BODY: {"token": {"methods": 
["password"], "roles": [{"id": "01c89d36a1a9494fa6ed727811495622", "name": 
"manager"}], "expires_at": "2014-02-15T08:39:23.790554Z", "project": {"domain": 
{"id": "default", "name": "Default"}, "id": "bbdb7287964f4a26bc749d9ddecb4f55", 
"name": "testproject"}, "catalog": [{"endpoints": [{"url": 
"http://controller:5000/v2.0";, "region": "regionOne", "legacy_endpoint_id": 
"fd13966eaa294b1595a18661c78c3de8", "interface": "public", "id": 
"26b339849c2a4e79b605a2f2d42c2d33"}, {"url": "http://controller:35357/v2.0";, 
"region": "regionOne", "legacy_endpoint_id": 
"fd13966eaa294b1595a18661c78c3de8", "interface": "admin", "id": 
"7c530920742946a99cf2a71ad9503e7a"}, {"url": "http://controller:5000/v2.0";, 
"region": "regionOne", "legacy_endpoint_id": 
"fd13966eaa294b1595a18661c78c3de8", "interface": "internal", "id": 
"c97bf6ff3d144bedb37825868e767596"}], "type": "identity", "id": 
"1778da57d7834612ae44f13d9c91ae55"}, {"endpoints": [{"url": 
"http://controller:8776/v2/bbdb7287964f4a26bc749d9ddecb4f55";, "region": 
"regionOne", "legacy_endpoint_id": "de5975f4de414b718ede8a48ad4094d1", 
"interface": "admin", "id": "545990b1dc624d0e9e90ee95eb102518"}, {"url": 
"http://controller:8776/v2/bbdb7287964f4a26bc749d9ddecb4f55";, "region": 
"regionOne", "legacy_endpoint_id": "de5975f4de414b718ede8a48ad4094d1", 
"interface": "public", "id": "b64a6400851b4ec1bd9c598336fad2a2"}, {"url": 
"http://controller:8776/v2/bbdb7287964f4a26bc749d9ddecb4f55";, "region": 
"regionOne", "legacy_endpoint_id": "de5975f4de414b718ede8a48ad4094d1", 
"interface": "internal", "id": "bf76b2dd28f8433389e56a4a70f37eb5"}], "type": 
"volumev2", "id": "2f9304f3d7f74d9984de80d7df6eaf4f"}, {"endpoints": [{"url": 
"http://image:9292";, "region": "regionOne", "legacy_endpoint_id": 
"2817ba1a01b649a2b95dd00b8e990949", "interface": "admin", "id": 
"135dc0d154fe4712891f3b5959a58403"}, {"url": "http://image:9292";, "region": 
"regionOne", "legacy_endpoint_id": "2817ba1a01b649a2b95dd00b8e990949", 
"interface": "public", "id": "31893069bd19494fb4fe4251364fbfa4"}, {"url": 
"http://image:9292";, "region": "regionOne", "legacy_endpoint_id": 
"2817ba1a01b649a2b95dd00b8e990949", "interface": "internal", "id": 
"827ae89a03e14cceacf171efb2a1cea8"}], "type": "image", "id": 
"3c6fccb117394f919753cda16eeaa621"}, {"endpoints": [{"url": 
"http://controller:8000/v1";, "region": "regionOne", "legacy_endpoint_id": 
"3c8f12e440ae4e078d897b5763822f0b", "interface": "admin", "id": 
"3fbcb01ef860421d9a9fd62f9384c185"}, {"url": "http://controller:8000/v1";, 
"region": "regionOne", "legacy_endpoint_id": 
"3c8f12e440ae4e078d897b5763822f0b", "interface": "public", "id": 
"a643ee79ba1e4489b261c34ce0a8d476"}, {"url": "http://controller:8000/v1";, 
"region": "regionOne", "legacy_endpoint_id": 
"3c8f12e440ae4e078d897b5763822f0b", "interface": "internal", "id": 
"b54751197feb47fba6abb7489c3d1f68"}], "type": "cloudformation", "id": 
"623ebc01bd4048a29d5434ebf4cb124d"}, {"endpoints": [{"url": 
"http://controller:9696";, "region": "regionOne", "legacy_endpoint_id": 
"65d945aa98a84e35a12d90b855322711", "interface": "internal", "id": 
"4c475d3eb07f4c05a6e5e0e8c1d3a3d3"}, {"url": "http://controller:9696";, 
"region": "regionOne", "legacy_endpoint_id": 
"65d945aa98a84e35a12d90b855322711", "interface": "admin", "id": 
"89d031aff0ff4bf7b3fd17822279323b"}, {"url": "http://controller:9696";, 
"region": "regionOne", "legacy_endpoint_id": 
"65d945aa98a84e35a12d90b855322711", "interface": "public", "id": 
"e44c481e48a64138983fe5132c4fd70b"}], "type": "network", "id": 
"7508e6b9109d491faf97fa0393686758"}, {"endpoints": [{"url": 
"http://controller:8776/v1/bbdb7287964f4a26bc749d9ddecb4f55";, "region": 
"regionOne", "legacy_endpoint_id": "eae8cbc4b3c44f0b9dbdebae6e951558", 
"interface": "internal", "id": "1bcc59371f17459891e9e2fe3cd87db8"}, {"url": 
"http://controller:8776/v1/bbdb7287964f4a26bc749d9ddecb4f55";, "region": 
"regionOne", "legacy_endpoint_id": "eae8cbc4b3c44f0b9dbdebae6e951558", 
"interface": "admin", "id": "6f76e9ec497248dfb163ce64095ebf5b"}, {"url": 
"http://controller:8776/v1/bbdb7287964f4a26bc749d9ddecb4f55";, "region": 
"regionOne", "legacy_endpoint_id": "eae8cbc4b3c44f0b9dbdebae6e951558", 
"interface": "public", "id": "f57e05df78a844aeaa55dcd1e190adb1"}], "type": 
"volume", "id": "7870da6a09ff43d7b24b125e90ec84ba"}, {"endpoints": [{"url": 
"http://controller:8004/v1/bbdb7287964f4a26bc749d9ddecb4f55";, "region": 
"regionOne", "legacy_endpoint_id": "94bd0c96843848d49d7e993be40c6c97", 
"interface": "internal", "id": "782bcddb45714448a046f280e3597c2c"}, {"url": 
"http://controller:8004/v1/bbdb7287964f4a26bc749d9ddecb4f55";, "region": 
"regionOne", "legacy_endpoint_id": "94bd0c96843848d49d7e993be40c6c97", 
"interface": "admin", "id": "78485b4dfa2b49bbae6bf615786e10e3"}, {"url": 
"http://controller:8004/v1/bbdb7287964f4a26bc749d9ddecb4f55";, "region": 
"regionOne", "legacy_endpoint_id": "94bd0c96843848d49d7e993be40c6c97", 
"interface": "public", "id": "c7477ac664914a508042d24100970893"}], "type": 
"orchestration", "id": "b1d6edc433984c3a9f351d94505d4948"}, {"endpoints": 
[{"url": "http://controller:8774/v2/bbdb7287964f4a26bc749d9ddecb4f55";, 
"region": "regionOne", "legacy_endpoint_id": 
"666a0529c1554d2cb36a94e0d720811a", "interface": "admin", "id": 
"c189331d83414d9ca89ac73a21b26861"}, {"url": 
"http://controller:8774/v2/bbdb7287964f4a26bc749d9ddecb4f55";, "region": 
"regionOne", "legacy_endpoint_id": "666a0529c1554d2cb36a94e0d720811a", 
"interface": "public", "id": "e7e4384daee44a239cb8e17b8c2c6509"}, {"url": 
"http://controller:8774/v2/bbdb7287964f4a26bc749d9ddecb4f55";, "region": 
"regionOne", "legacy_endpoint_id": "666a0529c1554d2cb36a94e0d720811a", 
"interface": "internal", "id": "fce995f8856842bfb544e639cd287ad1"}], "type": 
"compute", "id": "f717913cf4a6401b8d810838f48988f6"}, {"endpoints": [{"url": 
"http://telemetry:8777";, "region": "regionOne", "legacy_endpoint_id": 
"666b61efd9a04d1e8cb686dde9b9fabe", "interface": "public", "id": 
"32bfb0ac540243d09f2a2bf8a331823c"}, {"url": "http://telemetry:8777";, "region": 
"regionOne", "legacy_endpoint_id": "666b61efd9a04d1e8cb686dde9b9fabe", 
"interface": "internal", "id": "ebe3a89a06b0485bab9e1ee44f6be694"}, {"url": 
"http://telemetry:8777";, "region": "regionOne", "legacy_endpoint_id": 
"666b61efd9a04d1e8cb686dde9b9fabe", "interface": "admin", "id": 
"fa2065687959471f897c181ff4099425"}], "type": "metering", "id": 
"fe7ef38ef58b4db19fba1fed46a0fda4"}], "extras": {}, "user": {"domain": {"id": 
"default", "name": "Default"}, "id": "6e08b2ea6f4f4f3d84a2cbe2f3e4c446", 
"name": "manageruser"}, "issued_at": "2014-02-14T08:39:23.790589Z"}}
[Fri Feb 14 08:39:36 2014] [error]
[Fri Feb 14 08:39:36 2014] [error] Login successful for user "manageruser".

<<inline: Capture2.PNG>>

<<inline: Capture.PNG>>

_______________________________________________
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to     : [email protected]
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Reply via email to