verify router, subnet/port ownership for L3 router interface calls
Bug #1042037 reported by
dan wendlandt
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
neutron |
Fix Released
|
High
|
Nachi Ueno |
Bug Description
The L3 router API exposes two PUT actions "add_router_
First, we need to make sure policy.py limits these calls to the the user owns the router or is admin.
Second, we need need to make sure we check that subnet/port passed in in the data for these calls is owned by that tenant or that user is admin.
Changed in quantum: | |
assignee: | nobody → dan wendlandt (danwent) |
importance: | Undecided → High |
status: | New → Confirmed |
milestone: | none → folsom-rc1 |
summary: |
- verify network + subnet ownership for L3 API calls + verify network + subnet ownership for L3 router interface calls |
summary: |
- verify network + subnet ownership for L3 router interface calls + verify router, subnet/port ownership for L3 router interface calls |
description: | updated |
description: | updated |
Changed in quantum: | |
assignee: | dan wendlandt (danwent) → Nachi Ueno (nati-ueno) |
Changed in quantum: | |
status: | Confirmed → In Progress |
Changed in quantum: | |
status: | Fix Committed → Fix Released |
Changed in quantum: | |
milestone: | folsom-rc1 → 2012.2 |
To post a comment you must log in.
Hi Dan
May I fix floating IPs also in this patch?
Or should we have separate bug report?