non-existent stack_owner through heatclient to list stack
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Heat |
New
|
Undecided
|
Unassigned |
Bug Description
When using curl to get stack list, I am facing this problem,heat don't verify the stack_owner:
1、$ curl -g -i -X GET http://
result:
{
"stacks": [{
"parent": null,
"description": "Auto Scaling with desired servers - Tony Cheng 2015/8/14 v1",
"links": [{
"href": "http://
"rel": "self"
}],
"stack_
"stack_name": "stack_01",
"stack_
"creation_time": "2016-08-
"updated_time": null,
"project": "d04021d5a4144b
"stack_owner": "admin",
"stack_status": "CREATE_COMPLETE",
"id": "61319aff-
},
{
...
"stack_owner": "demo",
"stack_status": "CREATE_COMPLETE",
"id": "2ee21228-
},
{
...
"stack_owner": null,
"stack_status": "CREATE_COMPLETE",
"id": "21a52492-
}]
}
2、$ curl -g -i -X GET http://
Different from 1,I add header "X-Auth-User: admin" to the http request.
result:
{
"stacks": [{
"parent": null,
"description": "Auto Scaling with desired servers - Tony Cheng 2015/8/14 v1",
"links": [{
"href": "http://
"rel": "self"
}],
"stack_
"stack_name": "stack_01",
"stack_
"creation_time": "2016-08-
"updated_time": null,
"project": "d04021d5a4144b
"stack_owner": "admin",
"stack_status": "CREATE_COMPLETE",
"id": "61319aff-
},
{
...
"stack_owner": "demo",
"stack_status": "CREATE_COMPLETE",
"id": "2ee21228-
{
...
"stack_owner": "admin",
"stack_status": "CREATE_COMPLETE",
"id": "21a52492-
}]
}
Stack(id=
Then I changed the header to "X-Auth-User: test"
$ curl -g -i -X GET http://
result:
{
"stacks": [{
"parent": null,
"description": "Auto Scaling with desired servers - Tony Cheng 2015/8/14 v1",
"links": [{
"href": "http://
"rel": "self"
}],
"stack_
"stack_name": "stack_01",
"stack_
"creation_time": "2016-08-
"updated_time": null,
"project": "d04021d5a4144b
"stack_owner": "admin",
"stack_status": "CREATE_COMPLETE",
"id": "61319aff-
},
{
...
"stack_owner": "demo",
"stack_status": "CREATE_COMPLETE",
"id": "2ee21228-
{
...
"stack_owner": "test",
"stack_status": "CREATE_COMPLETE",
"id": "21a52492-
}]
}
But,the user named "test" is not existed.
summary: |
- non-existent stack_owner through curl to list stack + non-existent stack_owner through heatclient to list stack |
description: | updated |
Changed in heat: | |
milestone: | none → no-priority-tag-bugs |
Are you using the same auth_token with different auth_users for the requests? Any reason you're using global_tenant=True?