Project/Volumes page do not respect policy.json value
Bug #1579111 reported by
Paul Karikh
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Dashboard (Horizon) |
Fix Released
|
Medium
|
Daniel Castellanos |
Bug Description
Let's assume that user/operator wants to restrict access to the Volumes page via policy.json file.
Looks like the best way to do it is to set '"volume:get_all": ["rule:
But if we do so and restart Horizon - nothing happens.
Volumes panel has following restrictions:
permissions = ('openstack.
Looks like we need to add some policy checks for this panel.
summary: |
- Project/Volumes page do not respect polic.json value + Project/Volumes page do not respect policy.json value |
Changed in horizon: | |
assignee: | nobody → Daniel Castellanos (luis-daniel-castellanos) |
Changed in horizon: | |
milestone: | next → ocata-1 |
To post a comment you must log in.
We should only block the panel when both get all and create are blocked; technically there could be a time when someone would allow creation but not listing, and we shouldn't block that regardless of obscurity.