578be15629
When using role assignment through groups, the user cannot use the application credentials created. This allows to look up the membership by checking inherited and group assignments. Conflicts: This change conflicts with newer branches because most of the logic in keystone/token/providers/common.py was refactored into keystone/models/token_model.py during the Rocky release. This refactor causes the stable/queens version to diverge from stable/rocky, stable/stein, and stable/train patches, although it is functionally equivalent to the approach used in later releases. Change-Id: If1bf5bd785a494923303265797311d42018ba7af Closes-Bug: #1773967 (cherry picked from commit |
||
---|---|---|
.. | ||
fernet | ||
__init__.py | ||
base.py | ||
common.py | ||
uuid.py |