openstack
/
deb-keystone
Code Issues Proposed changes
deb-keystone/keystone
History
Boris Bobrov 955fd6ca37 Do not fetch group assignments without groups 
Without the change, the method fetched all assignments for a project
or domain, regardless of who has the assignment, user or group. This
led to situation when federated user without groups could scope a token
with other user's rules.

Return empty list of assignments if no groups were passed.

Closes-Bug: 1677723
Change-Id: I65f5be915bef2f979e70b043bde27064e970349d
(cherry picked from commit 2139639eea)
 		2017-04-25 14:36:12 +00:00
..
assignment Do not fetch group assignments without groups 2017-04-25 14:36:12 +00:00
auth Merge "Remove de-dupe for MFA Rule parsing." 2017-02-01 20:51:18 +00:00
catalog Do not call `to_dict` outside of a session context 2017-01-25 06:12:20 +00:00
cmd Fix bad error message from FernetUtils 2017-01-30 19:11:49 -08:00
common Merge "Use https for docs.openstack.org references" 2017-02-01 16:36:44 +00:00
conf Create user option `ignore_lockout_failure_attempts` 2017-01-29 13:19:44 -08:00
contrib Use https for docs.openstack.org references 2017-01-30 16:05:08 -08:00
credential Fix bad error message from FernetUtils 2017-01-30 19:11:49 -08:00
endpoint_policy Merge "Create unit tests for endpoint policy drivers" 2016-11-10 13:45:23 +00:00
federation Use https for docs.openstack.org references 2017-01-30 16:05:08 -08:00
identity Merge "Stop reading local config dirs for domain-specific SQL config driver" into stable/ocata 2017-03-03 23:11:39 +00:00
locale Imported Translations from Zanata 2017-04-08 07:35:01 +00:00
middleware Merge "Add is_admin_project to policy dict" 2016-10-14 15:59:07 +00:00
models Fix cloud_admin rule and ensure only project tokens can be cloud admin 2016-12-23 09:31:08 +00:00
oauth1 Use https for docs.openstack.org references 2017-01-30 16:05:08 -08:00
policy Merge "Pass initiator to Manager as a kwarg" 2016-10-09 02:57:43 +00:00
resource Remove code supporting moving resources between domains 2017-01-24 13:08:48 -08:00
revoke Use https for docs.openstack.org references 2017-01-30 16:05:08 -08:00
server Error messages are not translating with locale. 2017-03-26 17:53:50 +00:00
tests Do not fetch group assignments without groups 2017-04-25 14:36:12 +00:00
token Merge "Use https for docs.openstack.org references" 2017-02-01 16:36:44 +00:00
trust Remove eventlet-related call to sleep 2016-11-24 12:43:18 +00:00
v2_crud Use https for docs.openstack.org references 2017-01-30 16:05:08 -08:00
version Use https for docs.openstack.org references 2017-01-30 16:05:08 -08:00
__init__.py Revert "Disable eventlet monkey-patching of DNS" 2013-05-10 10:24:48 -04:00
exception.py Process and validate auth methods against MFA rules 2017-01-31 08:48:35 -08:00
i18n.py Use https for docs.openstack.org references 2017-01-30 16:05:08 -08:00
notifications.py Remove unused exceptions from CADF notifications 2017-01-04 18:11:30 +00:00