Bug 1629125 - OSP domain user seen objects from other domain tenants
Summary: OSP domain user seen objects from other domain tenants
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat CloudForms Management Engine
Classification: Red Hat
Component: Providers
Version: 5.9.0
Hardware: Unspecified
OS: Unspecified
high
medium
Target Milestone: GA
: 5.9.5
Assignee: Marek Aufart
QA Contact: Jadh
URL:
Whiteboard:
Depends On: 1593923
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-09-14 20:55 UTC by Satoe Imaishi
Modified: 2018-11-05 14:00 UTC (History)
9 users (show)

Fixed In Version: 5.9.5.0
Doc Type: If docs needed, set a value
Doc Text:
Clone Of: 1593923
Environment:
Last Closed: 2018-11-05 13:59:33 UTC
Category: ---
Cloudforms Team: Openstack


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2018:3466 None None None 2018-11-05 14:00:11 UTC

Comment 2 CFME Bot 2018-09-24 14:28:12 UTC
New commit detected on ManageIQ/manageiq-providers-openstack/gaprindashvili:

https://github.com/ManageIQ/manageiq-providers-openstack/commit/8ad0a3d9ca5a4dd6e3ef4a167fa138276b1b44cc
commit 8ad0a3d9ca5a4dd6e3ef4a167fa138276b1b44cc
Author:     Samuel Lucidi <mansam@csh.rit.edu>
AuthorDate: Tue Sep 11 12:52:33 2018 -0400
Commit:     Samuel Lucidi <mansam@csh.rit.edu>
CommitDate: Tue Sep 11 12:52:33 2018 -0400

    Merge pull request #342 from aufi/domain_projects_scope

    Filter Keystone Projects by domain_id

    (cherry picked from commit 54ab551ba88f40a03093958520cfe79dd325a53f)

    Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1629125

 lib/manageiq/providers/openstack/legacy/openstack_handle/identity_delegate.rb | 3 +-
 1 file changed, 2 insertions(+), 1 deletion(-)

Comment 3 Jadh 2018-10-08 12:40:27 UTC
Hi,

Could you please provide steps to reproduce

Thanks

Comment 4 Marek Aufart 2018-10-10 12:22:18 UTC
OSP side:
Setup OSP environment with multiple domains (default + one other) including at least one project per domain, make the admin user to be an admin on both domains.
Boot a VM in default domain and one VM in the other domain.

CF:
Add OSP provider with one of domains (keystonev3), after refresh, you should be able see only VM from the domain entered in provider form (not from the other one).

Comment 5 Jadh 2018-10-11 12:09:03 UTC
Verified on 5.9.5.0 over rhos 13

Comment 7 errata-xmlrpc 2018-11-05 13:59:33 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2018:3466


Note You need to log in before you can comment on or make changes to this bug.