showing quota during image launch breaks

Bug #858649 reported by Jesse Andrews
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Dashboard (Horizon)
Fix Released
Critical
Gabriel Hurley

Bug Description

when I use devstack to create a new cloud based on diablo, then manage to create a non-admin user/tenant, when I try to launch a server I get API exception (from the part of the code that shows quotas it appears).

ApiException at /dash/jesse/images/5/launch
Not authorized. (HTTP 500)

from:

    return admin_api(request).quota_sets.get(tenant)

Changed in openstack-dashboard:
milestone: none → diablo-integrated-freeze
Changed in openstack-dashboard:
importance: Undecided → Critical
Revision history for this message
Devin Carlen (devcamcar) wrote :

This is easy fix:

return admin_api(request).quota_sets.get(tenant)

should be come

if request.user.is_admin():
    return admin_api(request).quota_sets.get(tenant)
else:
    return {}

Changed in openstack-dashboard:
status: New → Confirmed
assignee: nobody → Gabriel Hurley (gabriel-hurley)
Revision history for this message
Devin Carlen (devcamcar) wrote :

Also we should add unit tests to make sure the admin_api isn't invoked for non admin users in this code path.

Revision history for this message
Jesse Andrews (anotherjesse) wrote :

actually the admin_api should be switched to:

    return novaclient(request).quota_sets.get(tenant)

or something like that - to use the os-quotas extension instead of the openstackx extension.

Revision history for this message
Devin Carlen (devcamcar) wrote :

What Jesse said. This fix is in novaclient so we can just call novaclient to take advantage of it.

The call is actually:

    return novaclient(request).quotas.get(tenant)

(not .quota_sets.get)

Revision history for this message
Gabriel Hurley (gabriel-hurley) wrote :
Changed in openstack-dashboard:
status: Confirmed → Fix Committed
Devin Carlen (devcamcar)
Changed in openstack-dashboard:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.