openstack
/
keystone
Code Issues Proposed changes
keystone/keystone
History
Markus Hentsch 7697140fc2 Add domain scoping to list_domains 
Introduces domain-scoped filtering of the response list of the
list_domains endpoint when the user is authenticated in domain scope
instead of returning all domains. This aligns the implementation with
other endpoints like list_projects or list_groups and allows for a
domain-scoped reader role.
Changes the default policy rule for identity:list_domains to
incorporate this new behavior for the reader role.

Closes-Bug: 2041611
Change-Id: I8ee50efc3b4850060cce840fc904bae17f1503a9
(cherry picked from commit dd785ee692)
 		2024-05-31 12:59:46 +00:00
..
api Add domain scoping to list_domains 2024-05-31 12:59:46 +00:00
application_credential db: Replace use of reverse cascades 2023-02-28 17:26:39 +00:00
assignment Improve application credential validation speed 2024-02-20 04:56:27 +00:00
auth Add expiring user group memberships on mapped authentication 2020-04-07 19:30:57 -04:00
catalog db: Replace use of Query.get() 2023-02-28 17:26:39 +00:00
cmd Add ability to create users and projects from keystone-manage 2024-03-26 14:56:38 +00:00
common Add domain scoping to list_domains 2024-05-31 12:59:46 +00:00
conf Merge "Add an option to randomize LDAP urls list" 2023-08-25 16:28:33 +00:00
credential sql: Fix incorrect columns 2023-07-03 12:32:58 +01:00
endpoint_policy Remove six usage 2020-01-30 06:06:51 +00:00
federation Merge "sql: Remove service_provider.relay_state_prefix default" 2023-07-11 18:35:55 +00:00
identity Merge "Add an option to randomize LDAP urls list" 2023-08-25 16:28:33 +00:00
limit Remove six usage 2020-01-30 06:06:51 +00:00
locale Imported Translations from Zanata 2023-08-26 03:38:27 +00:00
models Improve application credential validation speed 2024-02-20 04:56:27 +00:00
oauth1 db: Replace use of Query.get() 2023-02-28 17:26:39 +00:00
oauth2 OAuth2.0 Client Credentials Grant Flow Support 2022-06-14 09:09:33 +00:00
policy db: Replace use of Query.get() 2023-02-28 17:26:39 +00:00
receipt Remove six usage 2020-01-30 06:06:51 +00:00
resource sql: Remove duplicate constraints 2023-04-06 11:23:03 +01:00
revoke requirements: Bump linter requirements 2022-10-26 15:14:21 +03:00
server Don't forget to check if authorization fails 2023-03-17 16:54:41 -05:00
tests Add domain scoping to list_domains 2024-05-31 12:59:46 +00:00
token OAuth 2.0 Mutual-TLS Support 2023-03-03 11:28:05 +09:00
trust db: Replace use of Query.get() 2023-02-28 17:26:39 +00:00
__init__.py Revert "Disable eventlet monkey-patching of DNS" 2013-05-10 10:24:48 -04:00
exception.py OAuth2.0 Client Credentials Grant Flow Support 2022-06-14 09:09:33 +00:00
i18n.py Fix translated response 2019-08-19 14:49:37 +08:00
notifications.py Hide AccountLocked exception from end users 2021-04-23 13:43:42 -05:00
version.py Add expiring user group memberships on mapped authentication 2020-04-07 19:30:57 -04:00