Updating of firewall-rule while attached to firewall via non-admin user shows exception on Horizon
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Neutron FWaaS dashboard |
Fix Released
|
Undecided
|
Adit Sarfaty | ||
OpenStack Dashboard (Horizon) |
Won't Fix
|
Undecided
|
Adit Sarfaty |
Bug Description
Created non-admin user using below commands:-
# openstack project create sam
# openstack user create --password openstack --project acdc3b0348224a0
# openstack role create user-role
# openstack role add --project acdc3b0348224a0
Steps:-
1) Created firewall-rule
2) Created firewall policy and firewall-rule.
3) Created firewall and add firewall-policy to it
4) Now try to update firewall-rule using non-admin user it shows exception.
Error: Failed to update rule fire-rule-sam: {u'protocol': u'tcp', u'description': u'', 'attributes_
But issue doesn't comes when using cli command to update firewall-rules for non-admin user.
Use credentials for non-admin tenant then run below command:-
$ neutron firewall-
Updated firewall_rule: 86850f40-
So above command via cli is executed fine but with horizon it shows issue.
tags: | added: fwaas |
Changed in neutron-fwaas-dashboard: | |
assignee: | nobody → Adit Sarfaty (asarfaty) |
status: | New → In Progress |
The problem is that the "shared" attribute of the rule is added to the request
body (although unchanged), triggering the policy rule that forbids changing the
"shared" rule attribute.