Hierarchical Multitenancy
This blueprint encompases migration to "hierarchical ownership" as described by https:/
Implementation Impact:
- In SQL, the project.domain_id column is is renamed to 'parent_project_id'
- Contents of the domain table must be migrated to the project table, and the domain table dropped
- /v3/domains is exposed as SELECT * FROM project WHERE parent_project_id IS NULL;
- Manager methods for projects (list_projects, etc) rewrite all project ID's as "openstack.
This is not necessary. However, get_project_by_name should accept the equivalent of basename and full path. If a short name is used, the name should be relative to something reasonable, perhaps the users default project.
- Role assignments to project='openstack' are persisted with a null target (instead of project_
API Impact:
- Everything about domains is deprecated (?)
- GET /v3/projects might return projects with a "children" attribute, containing a list of children (reflecting the entire tree)
Blueprint information
- Status:
- Complete
- Approver:
- Morgan Fainberg
- Priority:
- High
- Drafter:
- Dolph Mathews
- Direction:
- Approved
- Assignee:
- Raildo Mascena de Sousa Filho
- Definition:
- Approved
- Series goal:
- Accepted for kilo
- Implementation:
-
Implemented
- Milestone target:
-
2015.1.0
- Started by
- Dolph Mathews
- Completed by
- Morgan Fainberg
Related branches
Related bugs
Sprints
Whiteboard
This will need a spec: https:/
Keystone-spec: https:/
Gerrit topic: https:/
Addressed by: https:/
Hierarchical Multitenacy
Addressed by: https:/
Hierarchical Projects
Addressed by: https:/
Add parent_project_id field
Addressed by: https:/
Base methods to handle hierarchical projects
Addressed by: https:/
Create, update and delete hierarchical projects
Gerrit topic: https:/
Addressed by: https:/
Fix rst issues in hierarchical multitenancy
Addressed by: https:/
Inherited roles to projects
Addressed by: https:/
Improve list role assignments filters performance
Addressed by: https:/
Add parent_project_id field
Addressed by: https:/
Base methods to handle hierarchical projects
Addressed by: https:/
Create, update and delete hierarchical projects
Addressed by: https:/
Inherited roles to projects
Addressed by: https:/
API documentation for Hierarchical Multitenancy
Addressed by: https:/
API documentation for Inherited Roles to Projects
Addressed by: https:/
Adds correct checks in LDAP backend tests
Addressed by: https:/
Fixes HEAD return code for OS-INHERIT extension
Addressed by: https:/
Merge remote-tracking branch 'remotes/
Addressed by: https:/
Add parent_id field to projects
Addressed by: https:/
Base methods to handle hierarchical projects
Addressed by: https:/
Create, update and delete hierarchical projects
Addressed by: https:/
Adds correct checks in LDAP backend tests
Addressed by: https:/
Inherited role assignments to projects
Addressed by: https:/
Fix inherited user role test docstring
Addressed by: https:/
[api-ref] Fix couple of issues on OS-INHERIT API
Work Items
Dependency tree
* Blueprints in grey have been implemented.
