Last modified: 2011-01-11 22:42:54 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T28595, the corresponding Phabricator task for complete and up-to-date bug report information.
First Last Prev Next    This bug is not in your last search results.
Bug 26595 - Add users to sysadmin role after they are added to a project
Add users to sysadmin role after they are added to a project
Status: RESOLVED INVALID
Product: MediaWiki extensions
Classification: Unclassified
OpenStackManager (Other open bugs)
unspecified
All All
: Normal enhancement (vote)
: ---
Assigned To: Ryan Lane
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2011-01-06 01:30 UTC by Ryan Lane
Modified: 2011-01-11 22:42 UTC (History)
0 users

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Ryan Lane 2011-01-06 01:30:20 UTC 
Adding a user to a project is not enough to allow them to create instances. Users must also be in a "sysadmin" role as well.

Project roles are created underneath projects. So, if a project exists named "tesla", the project/role should look like this:

cn=tesla,<projectbasedn>

cn=sysadmin,cn=tesla,<projectbasedn>

Also, as of right now, Nova requires that users be in the global sysadmin group, and the project group to create instances; see bug:

https://bugs.launchpad.net/nova/+bug/697936

So, for now at least, we'll also need to add users to this group when they are created.

Also, if we are adding users to these roles, when we remove users from projects, they should also be removed from the roles as well.

When the listed Nova bug is fixed, we'll need to stop using the global group (this should preferably be a configuration option), and we'll need to remove all users from the group.
Comment 1 Ryan Lane 2011-01-06 01:32:14 UTC 
The best solution for this is to create the role (and any other possible roles we may want) at the same time the project is created.
Comment 2 Ryan Lane 2011-01-11 22:42:54 UTC 
Roles should be manually assigned.
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.

Navigation
Links