project detail link needs policy check

Bug #1418246 reported by David Lyle
44
This bug affects 7 people
Affects Status Importance Assigned to Milestone
OpenStack Dashboard (Horizon)
Fix Released
High
Eric Peterson

Bug Description

The projects panel is visible to end user and admin alike. The policy for listing user projects is admin_or_owner by default. The policy for getting project is admin_only. This causes the links to details for the end user to raise an error dialog. The link should not be active if the user does not have appropriate roles to get the details.

A general fix is needed for links in tables.

Revision history for this message
Alok Barsode (alok-barsode) wrote :

hi David, would you mind if I work on this one ?

I did a quick fixed for this with the following 1 line code in class TenantsTable(tables.DataTable){openstack_dashboard/dashboards/identity/projects/tables.py :} :

instead of hard coding the link attribute in the 'name' column I put a conditional:
- link=("horizon:identity:projects:detail"),
+ link= (lambda obj: getattr(obj, 'link', None)),

and set the link attribute in IndexView to either "horizon:identity:projects:detail" or "None" depending on the user.

What would this be the right approach to fix this?

Thanks!

Changed in horizon:
assignee: David Lyle (david-lyle) → Alok Barsode (alok-barsode)
Revision history for this message
Martin Hickey (martin-hickey) wrote :

Hi Alok, are you still working on this bug ? If not, would you mind if I did? Thanks.

Changed in horizon:
assignee: Alok Barsode (alok-barsode) → Eric Peterson (ericpeterson-l)
status: New → In Progress
Revision history for this message
Eric Peterson (ericpeterson-l) wrote :
Changed in horizon:
assignee: Eric Peterson (ericpeterson-l) → qiaomin032 (chen-qiaomin)
David Lyle (david-lyle)
Changed in horizon:
importance: Low → Medium
importance: Medium → High
Changed in horizon:
assignee: qiaomin032 (chen-qiaomin) → Lin Hua Cheng (lin-hua-cheng)
Changed in horizon:
assignee: Lin Hua Cheng (lin-hua-cheng) → Eric Peterson (ericpeterson-l)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to horizon (master)

Reviewed: https://review.openstack.org/222437
Committed: https://git.openstack.org/cgit/openstack/horizon/commit/?id=eee3b0e162bad9c4e070d0fede4ff81caa0331de
Submitter: Jenkins
Branch: master

commit eee3b0e162bad9c4e070d0fede4ff81caa0331de
Author: chenqiaomin <chen.qiaomin@99cloud.net>
Date: Fri Jul 10 10:47:08 2015 -0400

    Add policy check for project detail link

    This change does a policy check for each row, to determine if
    the link should be displayed or not.

    Change-Id: Ia07c88216cdeb81c87da5c813bafb85e43c58e14
    Closes-Bug: #1494548
    Closes-Bug: #1418246

Changed in horizon:
status: In Progress → Fix Committed
Revision history for this message
Doug Hellmann (doug-hellmann) wrote : Fix included in openstack/horizon 9.0.0.0b1

This issue was fixed in the openstack/horizon 9.0.0.0b1 development milestone.

Changed in horizon:
status: Fix Committed → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to horizon (stable/liberty)

Fix proposed to branch: stable/liberty
Review: https://review.openstack.org/283011

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to horizon (stable/liberty)

Reviewed: https://review.openstack.org/283011
Committed: https://git.openstack.org/cgit/openstack/horizon/commit/?id=4857902df661cc86fe58e4879556fa48ce105ad1
Submitter: Jenkins
Branch: stable/liberty

commit 4857902df661cc86fe58e4879556fa48ce105ad1
Author: chenqiaomin <chen.qiaomin@99cloud.net>
Date: Fri Jul 10 10:47:08 2015 -0400

    Add policy check for project detail link

    This change does a policy check for each row, to determine if
    the link should be displayed or not.

    Change-Id: Ia07c88216cdeb81c87da5c813bafb85e43c58e14
    Closes-Bug: #1494548
    Closes-Bug: #1418246
    (cherry picked from commit eee3b0e162bad9c4e070d0fede4ff81caa0331de)

tags: added: in-stable-liberty
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/horizon 8.0.2

This issue was fixed in the openstack/horizon 8.0.2 release.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Bug attachments

Remote bug watches

Bug watches keep track of this bug in other bug trackers.