From 1d0bba49a7ff8b469007d596451927374a2e2c2e Mon Sep 17 00:00:00 2001
From: Dmitriy Rabotyagov <dmitriy.rabotyagov@cleura.com>
Date: Tue, 15 Aug 2023 13:10:38 +0200
Subject: [PATCH] Stop reffering _member_ role

Keystone has stopped providing or reffering `_member_` role for a while,
thus role should not be refferenced anymore.

Moreover, with 2023.1 service policies have dropped `_member_`
which resulted in the role to be insufficient for basic operations.

Change-Id: I4d6eacae2041b0a00114dda4e8315d4ec6295319
Related-Bug: #2029486
---
 doc/source/configure-swift-add.rst | 2 +-
 doc/source/configure-swift.rst     | 2 +-
 templates/proxy-server.conf.j2     | 4 ++--
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/doc/source/configure-swift-add.rst b/doc/source/configure-swift-add.rst
index 96534bca..38ab5b79 100644
--- a/doc/source/configure-swift-add.rst
+++ b/doc/source/configure-swift-add.rst
@@ -14,7 +14,7 @@ existing deployment.
 
 #. Optionally, allow all keystone users to use swift by setting
    ``swift_allow_all_users`` in the ``user_variables.yml`` file to
-   ``True``. Any users with the ``_member_`` role (all authorized
+   ``True``. Any users with the ``member`` role (all authorized
    keystone users) can create containers and upload objects
    to swift.
 
diff --git a/doc/source/configure-swift.rst b/doc/source/configure-swift.rst
index 693bc2df..70862ec7 100644
--- a/doc/source/configure-swift.rst
+++ b/doc/source/configure-swift.rst
@@ -29,7 +29,7 @@ usage.
 
 #. Optionally, allow all Identity (keystone) users to use swift by setting
    ``swift_allow_all_users`` in the ``user_variables.yml`` file to
-   ``True``. Any users with the ``_member_`` role (all authorized
+   ``True``. Any users with the ``member`` role (all authorized
    keystone users) can create containers and upload objects
    to Object Storage.
 
diff --git a/templates/proxy-server.conf.j2 b/templates/proxy-server.conf.j2
index dd27a4eb..7120c6eb 100644
--- a/templates/proxy-server.conf.j2
+++ b/templates/proxy-server.conf.j2
@@ -92,9 +92,9 @@ memcache_secret_key = {{ memcached_encryption_key }}
 use = egg:swift#keystoneauth
 {% if swift_allow_all_users is defined and swift_allow_all_users == True %}
 {% if 'ceilometer' in swift_middleware_list %}
-operator_roles = admin, {{ swift_operator_role }}, _member_, {{ swift_reselleradmin_role }}
+operator_roles = admin, {{ swift_operator_role }}, member, {{ swift_reselleradmin_role }}
 {% else %}
-operator_roles = admin, {{ swift_operator_role }}, _member_
+operator_roles = admin, {{ swift_operator_role }}, member
 {% endif %}
 {% else %}
 {% if 'ceilometer' in swift_middleware_list %}