openstack/keystone
Code Issues Proposed changes
5ead95ffcc
keystone/keystone
History
Takashi Kajinami 5ead95ffcc Allow domain users to manage credentials 
Credentials are associated with users so there is no reason we prevent
domain users from accessing the resources. In some services like heat
domain admin is used to generate keystone credentials and loosing
the scope check is required to continue supporting such use case.

Closes-Bug: #2062045
Change-Id: I140b302d879ce1cc1f8d8de9e666cc74278a977f
2024-04-23 05:45:40 +00:00
..
api Merge "Pass initiator to delete user" 2024-03-12 17:07:37 +00:00
application_credential sql: Fixup for invalid unique constraint on external_id in access_rule table 2024-02-23 08:26:20 +00:00
assignment Fix operation order in role deletion 2024-02-15 23:28:24 +01:00
auth Allow assignment of domain specific role to federated users 2024-01-30 19:28:05 +01:00
catalog Deprecate templated catalog driver 2024-03-13 22:09:30 +09:00
cmd Add ability to create users and projects from keystone-manage 2024-03-12 08:06:35 -05:00
common Allow domain users to manage credentials 2024-04-23 05:45:40 +00:00
conf Merge "Clean up deprecated options for eventlet server" 2024-01-26 17:37:17 +00:00
credential sql: Fix incorrect columns 2023-07-03 12:32:58 +01:00
endpoint_policy Remove six usage 2020-01-30 06:06:51 +00:00
federation Fix federation mapping role jsonschema 2024-02-07 08:49:45 +01:00
identity Merge "Check user existence before setting last_active_at" 2024-01-26 19:25:20 +00:00
limit Remove six usage 2020-01-30 06:06:51 +00:00
locale Imported Translations from Zanata 2023-08-26 03:38:27 +00:00
models Improve application credential validation speed 2024-01-02 08:46:24 +00:00
oauth1 db: Replace use of Query.get() 2023-02-28 17:26:39 +00:00
oauth2 OAuth2.0 Client Credentials Grant Flow Support 2022-06-14 09:09:33 +00:00
policy db: Replace use of Query.get() 2023-02-28 17:26:39 +00:00
receipt Remove six usage 2020-01-30 06:06:51 +00:00
resource sql: Remove duplicate constraints 2023-04-06 11:23:03 +01:00
revoke Revoke list_events: Add trust sql filter 2023-07-12 15:17:55 +02:00
server Merge "Propagate redirect exceptions to the client" 2024-01-26 17:37:22 +00:00
tests Allow admin to access tokens and credentials 2024-04-02 20:58:10 -05:00
token Add a cache to check_revocation 2023-07-13 16:00:28 +02:00
trust db: Replace use of Query.get() 2023-02-28 17:26:39 +00:00
__init__.py Revert "Disable eventlet monkey-patching of DNS" 2013-05-10 10:24:48 -04:00
exception.py Propagate redirect exceptions to the client 2023-12-07 18:14:03 +01:00
i18n.py Fix translated response 2019-08-19 14:49:37 +08:00
notifications.py Hide AccountLocked exception from end users 2021-04-23 13:43:42 -05:00
version.py Add expiring user group memberships on mapped authentication 2020-04-07 19:30:57 -04:00