os-volumes API policy is allowed for everyone even policy defaults is admin_or_owner
Bug #1864777 reported by
Brin Zhang
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Compute (nova) |
Invalid
|
Undecided
|
Brin Zhang |
Bug Description
os-volumes API policy is default to admin_or_owner[1] but API is allowed for everyone.
This is because API does not pass the server project_id in policy target:
show-https:/
details/index-https:/
To post a comment you must log in.
Same as in os-volumes- attachments API, with bug 1864776