diff options
author | Dolph Mathews <dolph.mathews@gmail.com> | 2013-06-03 14:21:36 -0500 |
---|---|---|
committer | Dolph Mathews <dolph.mathews@gmail.com> | 2013-06-03 14:24:49 -0500 |
commit | 132ff6d85e02acdce7483c2848686676cb4f14a0 (patch) | |
tree | 8664e53c7485f5f78200e72436976f6d54dd389f /keystone/identity | |
parent | cd349711bc6210bf35952c5f71bb92ab7676bd2d (diff) | |
download | keystone-132ff6d85e02acdce7483c2848686676cb4f14a0.tar.gz keystone-132ff6d85e02acdce7483c2848686676cb4f14a0.tar.xz keystone-132ff6d85e02acdce7483c2848686676cb4f14a0.zip |
Maintain tokens after role assignments (bug 1170186)
Change-Id: Iacd2d9e09be4ab3d6a3c5acf4074e4af7e300602
Diffstat (limited to 'keystone/identity')
-rw-r--r-- | keystone/identity/controllers.py | 9 |
1 files changed, 0 insertions, 9 deletions
diff --git a/keystone/identity/controllers.py b/keystone/identity/controllers.py index 3e60272d..b2dae337 100644 --- a/keystone/identity/controllers.py +++ b/keystone/identity/controllers.py @@ -308,7 +308,6 @@ class Role(controller.V2Controller): self.identity_api.add_role_to_user_and_project( context, user_id, tenant_id, role_id) - self._delete_tokens_for_user(context, user_id) role_ref = self.identity_api.get_role(context, role_id) return {'role': role_ref} @@ -766,14 +765,6 @@ class RoleV3(controller.V3Controller): self.identity_api.create_grant( context, role_id, user_id, group_id, domain_id, project_id) - # So that existing tokens don't stop the use of this grant - # delete any tokens for this user or, in the case of a group, - # tokens from all the uses who are members of this group. - if user_id: - self._delete_tokens_for_user(context, user_id) - else: - self._delete_tokens_for_group(context, group_id) - @controller.protected def list_grants(self, context, user_id=None, group_id=None, domain_id=None, project_id=None): |