set user_update policy to admin_required
This changes the default policy.json to prevent users from changing their own attributes such as password, name, or default_project_id. Closes-Bug: 1237989 Change-Id: I7de5fff3d72a76b78113e289c57a9fac2096395f
This commit is contained in:
parent
c14ebd668f
commit
3866991918
|
@ -35,7 +35,7 @@
|
|||
"identity:get_user": [["rule:admin_required"]],
|
||||
"identity:list_users": [["rule:admin_required"]],
|
||||
"identity:create_user": [["rule:admin_required"]],
|
||||
"identity:update_user": [["rule:admin_or_owner"]],
|
||||
"identity:update_user": [["rule:admin_required"]],
|
||||
"identity:delete_user": [["rule:admin_required"]],
|
||||
|
||||
"identity:get_group": [["rule:admin_required"]],
|
||||
|
|
|
@ -2220,14 +2220,9 @@ class TestTrustAuth(TestAuthInfo):
|
|||
self.user_id, expected_status=200,
|
||||
token=trust_token)
|
||||
|
||||
auth_data = self.build_authentication_request(
|
||||
user_id=self.trustee_user['id'],
|
||||
password=self.trustee_user['password'])
|
||||
|
||||
self.assertValidUserResponse(
|
||||
self.patch('/users/%s' % self.trustee_user['id'],
|
||||
body={'user': {'password': uuid.uuid4().hex}},
|
||||
auth=auth_data,
|
||||
expected_status=200))
|
||||
|
||||
self.get('/OS-TRUST/trusts?trustor_user_id=%s' %
|
||||
|
|
Loading…
Reference in New Issue