Typo in policy.json
Bug #1155379 reported by
Salvatore Orlando
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
neutron |
Fix Released
|
Medium
|
Salvatore Orlando |
Bug Description
The following lines have an extra colon:
"create_
"get_qos_queue:": "rule:admin_only",
"get_qos_queues:": "rule:admin_only",
As a result the corresponding enforce check (in NVP plugin) checks for admin_or_owner instead of admin_only.
However since there the object to check in passed in the form resource: {<...object..>} the tenant_id attribute is not available to the policy engine (as it's nested in the value of the 'resource' key), and therefore the 'owner' part of the 'admin_or_owner' check always fails.
It looks like we are in that situation where two wrongs make a right, but it's probably worth fixing both of them
Changed in quantum: | |
importance: | Undecided → Medium |
tags: | added: grizzly-backport-potential |
Changed in quantum: | |
status: | Fix Committed → Fix Released |
Changed in neutron: | |
milestone: | havana-1 → 2013.2 |
To post a comment you must log in.
Fix proposed to branch: master /review. openstack. org/24494
Review: https:/