Reviewed: https://review.openstack.org/438035 Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=dc449dfd63c165cfa9c4600b82e5b392973a0e60 Submitter: Jenkins Branch: master
commit dc449dfd63c165cfa9c4600b82e5b392973a0e60 Author: Gage Hugo <[email protected]> Date: Fri Feb 24 12:26:41 2017 -0600 Change is_admin_project to False by default Our token model code will return a default of True for is_admin_project if that attribute is not defined. The comment next to this says this is for backwards compatibility, but this seems inherently dangerous. Closes-Bug: #1652012 Change-Id: I035fe570972764b9c9342d1851654634d681ac5e ** Changed in: keystone Status: In Progress => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Identity (keystone). https://bugs.launchpad.net/bugs/1652012 Title: token model assumes a token is is_admin_project Status in OpenStack Identity (keystone): Fix Released Bug description: Our token model code will return a default of True for is_admin_project if that attribute is not defined [0]. The comment next to this says this is for backward compatibility - but this seems inherently dangerous. We should investigate what changes are needed (if any) to make the default False. [0] https://github.com/openstack/keystone/blob/686f9d583eaa5f015d6b8b995c2f4243392ffbce/keystone/models/token_model.py#L195-L198 To manage notifications about this bug go to: https://bugs.launchpad.net/keystone/+bug/1652012/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : [email protected] Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
