Do not validate user when creating assignments
Creating an assignment may happen in the absence of User data. For Federation, a user listing may not even be possible. Even in LDAP and SQL cases, an admin may need to create role assignments prior to a valid user object being available. Same is tru for groups. These checks are unnecessary, and can and should be removed.
Blueprint information
- Status:
- Complete
- Approver:
- None
- Priority:
- Low
- Drafter:
- Adam Young
- Direction:
- Needs approval
- Assignee:
- Brant Knudson
- Definition:
- New
- Series goal:
- Accepted for icehouse
- Implementation:
-
Implemented
- Milestone target:
-
2014.1
- Started by
- Thierry Carrez
- Completed by
- Dolph Mathews
Related branches
Related bugs
Sprints
Whiteboard
Gerrit topic: https:/
Addressed by: https:/
Fix assignment to not use identity
This is blocked by changing assertions made in tempest; either of two proposed changes would suffice:
https:/
https:/
Addressed by: https:/
Update kvs assignment backend docs
Addressed by: https:/
Fix assignment KVS backend to not use identity
Addressed by: https:/
Add test for list project users when no user
Addressed by: https:/
Add test for create grant when no user
Addressed by: https:/
Add test for create grant when no group
Addressed by: https:/
Fix get project users when no user exists
Addressed by: https:/
Fix create grant when no user
Addressed by: https:/
Fix create grant when no group
Addressed by: https:/
Assignment returns fake user for unknown users
