Back to bug 1303723
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Red Hat Bugzilla Rules Engine | 2016-02-01 18:34:58 UTC | Target Release | --- | 8.0 |
| Zane Bitter | 2016-02-01 18:41:10 UTC | Assignee | zbitter | sbaker |
| Zane Bitter | 2016-02-03 21:32:12 UTC | CC | zbitter | |
| Flags | needinfo?(shardy) | |||
| Rabi Mishra | 2016-02-05 07:07:29 UTC | CC | ramishra | |
| Zane Bitter | 2016-02-24 21:08:58 UTC | Status | NEW | POST |
| Zane Bitter | 2016-02-26 21:33:04 UTC | Status | POST | MODIFIED |
| Fixed In Version | openstack-heat-5.0.1-2.el7ost | |||
| Jon Schlueter | 2016-03-03 13:40:49 UTC | CC | jschluet | |
| Target Milestone | --- | ga | ||
| errata-xmlrpc | 2016-03-03 14:23:55 UTC | Status | MODIFIED | ON_QA |
| Jon Schlueter | 2016-03-03 14:32:12 UTC | Status | ON_QA | MODIFIED |
| errata-xmlrpc | 2016-03-03 15:57:18 UTC | Status | MODIFIED | ON_QA |
| Amit Ugol | 2016-03-07 17:34:32 UTC | QA Contact | augol | ohochman |
| Zane Bitter | 2016-03-16 15:46:52 UTC | Assignee | sbaker | ramishra |
| Flags | needinfo?(shardy) | |||
| Rabi Mishra | 2016-03-21 12:32:27 UTC | Doc Text | Cause: Currently we leave the context roles empty when loading the stored context. When signaling we use the stored context(trust scoped token) and if context does not have any roles, it fails. Consequence: It fails with "trustee has no delegated roles". Fix: Populate roles when loading the stored context. Loading the auth ref and populating the roles from the token ensure any RBAC performed on the context roles will work as expected Result: Stack update succeeds. |
|
| Martin Lopes | 2016-03-30 03:26:01 UTC | CC | mlopes | |
| Doc Text | Cause: Currently we leave the context roles empty when loading the stored context. When signaling we use the stored context(trust scoped token) and if context does not have any roles, it fails. Consequence: It fails with "trustee has no delegated roles". Fix: Populate roles when loading the stored context. Loading the auth ref and populating the roles from the token ensure any RBAC performed on the context roles will work as expected Result: Stack update succeeds. | Previously, heat would leave the context roles empty when loading the stored context. When signaling heat used the stored context (trust scoped token), and if the context did not have any roles, it failed. Consequently, the process failed with the error 'trustee has no delegated roles'. This fix addresses this issue by populating roles when loading the stored context. As a result, loading the auth ref, and populating the roles from the token will confirm that any RBAC performed on the context roles will work as expected, and that the stack update succeeds. | ||
| Amit Ugol | 2016-04-07 17:10:11 UTC | Status | ON_QA | VERIFIED |
| CC | augol | |||
| errata-xmlrpc | 2016-04-07 21:27:18 UTC | Status | VERIFIED | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2016-04-07 17:27:18 UTC | |||
| Perry Myers | 2016-04-27 05:22:00 UTC | CC | pmyers |
Back to bug 1303723