Murano

[api] is_public defaults to true, and anyone can create a public package

Bug #1331243 reported by Steve McLellan on 2014-06-17

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Murano	Fix Released	Medium	Steve McLellan	Murano 2014.2 "Juno"

Bug Description

is_public defaults to true in the database model for packages and there's nothing controlling who can create public packages at present.

Glance treats is_public as a special property that triggers an additional policy check (publicize_image) that is typically restricted to admins (and as of Juno will be by default restricted to admins - https://wiki.openstack.org/wiki/OSSN/OSSN-0015). I suggest following the same pattern, and making the property default.

Serg Melikyan (smelikyan) on 2014-07-08

Changed in murano:
status:	New → Confirmed
importance:	Undecided → Medium
milestone:	none → juno-2

Ekaterina Chernova (efedorova) on 2014-07-16

Changed in murano:
assignee:	nobody → Ekaterina Chernova (efedorova)
assignee:	Ekaterina Chernova (efedorova) → nobody

Steve McLellan (sjmc7) on 2014-07-22

Changed in murano:
assignee:	nobody → Steve McLellan (sjmc7)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2014-07-23: Fix proposed to murano (master)

Fix proposed to branch: master
Review: https://review.openstack.org/109153

Changed in murano:
status:	Confirmed → In Progress

ruhe (ruhe) on 2014-07-25

Changed in murano:
milestone:	juno-2 → juno-3

OpenStack Infra (hudson-openstack) on 2014-07-31

Changed in murano:
assignee:	Steve McLellan (sjmc7) → Ruslan Kamaldinov (ruhe)

ruhe (ruhe) on 2014-08-09

Changed in murano:
assignee:	Ruslan Kamaldinov (ruhe) → Steve McLellan (sjmc7)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2014-08-14: Fix merged to murano (master)

Reviewed: https://review.openstack.org/109153
Committed: https://git.openstack.org/cgit/stackforge/murano/commit/?id=f5daa12347268a53fafae08cff285a76b3abdf93
Submitter: Jenkins
Branch: master

commit f5daa12347268a53fafae08cff285a76b3abdf93
Author: Steve McLellan <email address hidden>
Date: Wed Jul 23 18:27:57 2014 -0500

Default is_public to false

Sets is_public=false in the database model, adds is_public querystring
to API and policy check for it. Will need corresponding client change.

    Does not include an alembic migration because altering columns is
    apparently difficult, and removing/adding does more damage than good.
    New objects should have is_public set to False by the db model.

Relies on changes in https://review.openstack.org/#/c/109151/ (mainly
for unit test refactoring).

Change-Id: I390806b7e2d09f18ab3c496178406e1a3fc8d899
Closes-Bug: #1331243

Changed in murano:
status:	In Progress → Fix Committed

ruhe (ruhe) on 2014-09-05

Changed in murano:
status:	Fix Committed → Fix Released

Sergey Lukjanov (slukjanov) on 2014-10-17

Changed in murano:
milestone:	juno-3 → 2014.2

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.