Comment 2 for bug 1933269

Abhishek Kekane (abhishek-kekane) wrote:

This is what we decided while implementing the project persona during Wallaby: the project-admin persona is still reserved for administrative API access by system administrators/operators. This will remain the case until we can refactor portions of Glance to make it easier to implement system scope.

https://review.opendev.org/c/openstack/glance/+/764754

Secure RBAC work is still experimental in Glance. So should we treat this bug as a security issue?
https://github.com/openstack/glance/blob/master/releasenotes/notes/secure-rbac-project-personas-fb0d9792b9dc3783.yaml

Just for reference:

https://review.opendev.org/c/openstack/glance-tempest-plugin/+/773568/25/glance_tempest_plugin/tests/rbac/v2/test_images.py#576

These are effectively what we currently consider to be "admin" today, which is "can do anything." These are testing those assumptions today, which before RBAC changes, are true. The FIXME comments in these tests describe what will need to change when this class is actually scoped to just admin-of-a-project. In effect, the SystemAdminTests above (currently disabled) will validate the actual can-do-anything admin after that is enabled, when these change to just assert what we expect a project admin to do.