System Scope

Registered by Lance Bragstad on 2017-11-30

This the blueprint for tracking work to implement System Scope. See specification for details.

Blueprint information

Status:
Complete
Approver:
Lance Bragstad
Priority:
High
Drafter:
Lance Bragstad
Direction:
Approved
Assignee:
Lance Bragstad
Definition:
Approved
Series goal:
Accepted for queens
Implementation:
Implemented
Milestone target:
milestone icon queens-3
Started by
Lance Bragstad on 2017-11-30
Completed by
Lance Bragstad on 2018-02-05

Related branches

Sprints

Whiteboard

Gerrit topic: https://review.openstack.org/#q,topic:bp/system-scope,n,z

Addressed by: https://review.openstack.org/524407
    Add ability to list all system role assignments

Addressed by: https://review.openstack.org/498091
    Ensure building scope is mutually exclusive

Addressed by: https://review.openstack.org/507993
    Add a new table for system role assignments

Addressed by: https://review.openstack.org/507994
    Implement backend logic for system roles

Addressed by: https://review.openstack.org/512468
    Implement manager logic for user+system roles

Addressed by: https://review.openstack.org/512641
    Implement manager logic for group+system roles

Addressed by: https://review.openstack.org/514471
    Add user system grant policies

Addressed by: https://review.openstack.org/525329
    Remove private methods for v2.0 and v3 tokens

Addressed by: https://review.openstack.org/525330
    Teach TokenFormatter how to handle system scope

Addressed by: https://review.openstack.org/525360
    Implement system-scope in the token provider API

Addressed by: https://review.openstack.org/525687
    WIP: Implement system-scoped tokens

Addressed by: https://review.openstack.org/514725
    Add group system grant policies

Addressed by: https://review.openstack.org/515215
    Implement controller logic for system user assignments

Addressed by: https://review.openstack.org/524017
    Implement controller logic for system group assignments

Addressed by: https://review.openstack.org/524307
    Add system role assignment documentation

Addressed by: https://review.openstack.org/528037
    Introduce assertions for system-scoped token testing

Addressed by: https://review.openstack.org/528039
    Add release note for system-scope

Addressed by: https://review.openstack.org/528847
    Add configuration option for enforcing system-scope

Addressed by: https://review.openstack.org/530133
    Update documentation to reflect system-scope

Addressed by: https://review.openstack.org/530410
    Grant admin a role on the system during bootstrap

Addressed by: https://review.openstack.org/530490
    Implement GET /v3/auth/system

Addressed by: https://review.openstack.org/536602
    Relay system information in RoleAssignmentNotFound

Gerrit topic: https://review.openstack.org/#q,topic:bug/968696,n,z

Gerrit topic: https://review.openstack.org/#q,topic:bug/1748970,n,z

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.