OpenStack Dashboard (Horizon)

Miss policy checks in image panels

Bug #1529012 reported by Wang Bo on 2015-12-24

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	OpenStack Dashboard (Horizon)	Fix Released	High	Wang Bo	OpenStack Dashboard (Horizon) newton-1 "n1"

Bug Description

There is no policy checking code in image panels: project/images, project/ngimages, admin/images.

As ngusers code: https://github.com/openstack/horizon/blob/master/openstack_dashboard/dashboards/identity/static/dashboard/identity/users/table/table.controller.js#L54.

We should add policy checks of "get_images" in image panels

Wang Bo (chestack) on 2015-12-24

Changed in horizon:
assignee:	nobody → Wang Bo (chestack)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-12-28: Fix proposed to horizon (master)

Fix proposed to branch: master
Review: https://review.openstack.org/261967

Wang Bo (chestack) on 2015-12-30

Changed in horizon:
status:	New → In Progress

Rob Cresswell (robcresswell-deactivatedaccount) on 2016-03-23

Changed in horizon:
importance:	Undecided → High
milestone:	none → newton-1

Rob Cresswell (robcresswell-deactivatedaccount) on 2016-05-11

Changed in horizon:
status:	In Progress → New
status:	New → In Progress

Revision history for this message

Wang Bo (chestack) wrote on 2016-05-17:

find a related bug "Angular pages will relaod if collapse/expand a dashboard/panel-group" https://bugs.launchpad.net/horizon/+bug/1582561

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-05-19: Fix merged to horizon (master)

Reviewed: https://review.openstack.org/261967
Committed: https://git.openstack.org/cgit/openstack/horizon/commit/?id=340e67c17acf5957890c5ae3ec5f5c7216c20587
Submitter: Jenkins
Branch: master

commit 340e67c17acf5957890c5ae3ec5f5c7216c20587
Author: Bo Wang <email address hidden>
Date: Tue Apr 12 14:16:11 2016 +0800

Add policy checks in images panels

    check policy of getting images in:
    project/images
    project/ngimages
    admin/images

    Only block listing images but not whole panel if failed on policy check.
    Create, Delete and other actions are controlled by according policys.
    give a message "Insufficient privilege level to get images." to user
    if polciy checks failed.

Closes-Bug: #1529012
Change-Id: I97ab081425dd56fa7c3208efb58ba8b041eaba24

Changed in horizon:
status:	In Progress → Fix Released

Revision history for this message

Davanum Srinivas (DIMS) (dims-v) wrote on 2016-06-02: Fix included in openstack/horizon 10.0.0.0b1

This issue was fixed in the openstack/horizon 10.0.0.0b1 development milestone.

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.