Description of problem:
On OSP side we have multiple domains "local domain, and AD domain", we created local domain account with the admin role in the local domain, and also has admin role on AD domain.
We added OSP to CloudForms using that account and we use the AD domain ID.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
The user can see all the objects in OSP side except the instances.
The user should only see objects within the AD domain
New commit detected on ManageIQ/manageiq-providers-openstack/master:
Author: Marek Aufart <firstname.lastname@example.org>
AuthorDate: Tue Sep 4 07:41:50 2018 -0400
Commit: Marek Aufart <email@example.com>
CommitDate: Tue Sep 4 07:41:50 2018 -0400
Filter Keystone Projects by domain_id
OpenStack provides list of all projects accessible for a user.
MIQ allows to specify domain_id in Add provider form, so it is
expected see only project within such domain.
Filtering of projects available for the user by domain_id was added.
lib/manageiq/providers/openstack/legacy/openstack_handle/identity_delegate.rb | 3 +-
1 file changed, 2 insertions(+), 1 deletion(-)
Verified on 184.108.40.206