632998e218
This allows admin users[1] to use a different project id in request path, to fix the unexpected access denials during redirection when enforcing new default rules. This was allowed previously with deprecated policy rules, and with the new SRBAC design we require project scope auth to access project owned resources such as stack. [1] User with admin role in admin project in case admin_project_name is set in Keystone. If it's not set then user with admin role in any project are considered as "admin". Story: 2011036 Task: 49532 Change-Id: I49f46e36828881d9700e0e178bd80eb04efe4510 |
||
---|---|---|
.. | ||
v1 | ||
__init__.py | ||
versions.py |