Public bug reported: Glance object does not retrieve domain attribute from request headers. Glance policies use context to check rules so we are not able to use domains.
Context is formed in middleware _get_authenticated_context func: kwargs = { 'user': req.headers.get('X-User-Id'), 'tenant': req.headers.get('X-Tenant-Id'), 'roles': roles, 'is_admin': CONF.admin_role.strip().lower() in roles, 'auth_token': req.headers.get('X-Auth-Token', deprecated_token), 'owner_is_tenant': CONF.owner_is_tenant, 'service_catalog': service_catalog, 'policy_enforcer': self.policy_enforcer, 'request_id': request_id, } return glance.context.RequestContext(**kwargs) ** Affects: glance Importance: Undecided Status: New -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to Glance. https://bugs.launchpad.net/bugs/1620217 Title: Glance RequestContext object doesn't retrieve user_domain attribute Status in Glance: New Bug description: Glance object does not retrieve domain attribute from request headers. Glance policies use context to check rules so we are not able to use domains. Context is formed in middleware _get_authenticated_context func: kwargs = { 'user': req.headers.get('X-User-Id'), 'tenant': req.headers.get('X-Tenant-Id'), 'roles': roles, 'is_admin': CONF.admin_role.strip().lower() in roles, 'auth_token': req.headers.get('X-Auth-Token', deprecated_token), 'owner_is_tenant': CONF.owner_is_tenant, 'service_catalog': service_catalog, 'policy_enforcer': self.policy_enforcer, 'request_id': request_id, } return glance.context.RequestContext(**kwargs) To manage notifications about this bug go to: https://bugs.launchpad.net/glance/+bug/1620217/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp