** Also affects: keystone/juno Importance: Undecided Status: New ** Changed in: keystone/juno Milestone: None => 2014.2.2
** Changed in: keystone/juno Status: New => Fix Committed -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to Keystone. https://bugs.launchpad.net/bugs/1390640 Title: /auth/domains incorrectly includes domains with only user inherited roles Status in OpenStack Identity (Keystone): Fix Released Status in Keystone juno series: Fix Committed Bug description: The /auth/domains API call is meant to return list of domains for which the user could ask for a domain-scoped token - i.e. any domain on which they have a role. However, the code manager/driver method it calls (list_domain_for_user) does not differentiate between inherited and non-inherited user roles - and hence might include domains for which the user has no effective role (a domain inherited role ONLY applies to the projects within that domain, not to the domain itself). To manage notifications about this bug go to: https://bugs.launchpad.net/keystone/+bug/1390640/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp