Glance

Delete public image as non-admin user results in 404

Bug #923941 reported by Brian Waldon on 2012-01-30

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Glance	Fix Released	High	Brian Waldon	Glance 2012.1 "essex"

Bug Description

Here's what i did:

1) add an image to glance with is_public=true as an admin
2) run nova image-list as non-admin user to verify image is visible
3) try to nova image-delete as non-admin user -- results in a 404

If i ask for the image through the glance cli, it is there (public and unprotected) with the admin tenant as the owner. Trying to delete it as the admin will succeed.

Revision history for this message

Brian Waldon (bcwaldon) wrote on 2012-01-30:

This should result in a 403 if the user attempting to delete it doesn't have permission, returning a 404 is just mean.

Revision history for this message

Brian Waldon (bcwaldon) wrote on 2012-01-30:

Additionally, we should only return 403 if the image is visible to the user. 404 is still appropriate if the user can't see the image

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2012-01-30: Fix proposed to glance (master)

Fix proposed to branch: master
Review: https://review.openstack.org/3558

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2012-02-02: Fix merged to glance (master)

Reviewed: https://review.openstack.org/3558
Committed: http://github.com/openstack/glance/commit/81ce7b44be653599ab8917712f44f94f052ebb94
Submitter: Jenkins
Branch: master

commit 81ce7b44be653599ab8917712f44f94f052ebb94
Author: Brian Waldon <email address hidden>
Date: Mon Jan 30 13:23:35 2012 -0800

Handle access restriction to public unowned image

Fixes bug 923941. Now we can return a 403 rather than a 404
if we reject a modification for a public image.

Change-Id: I71915f662c8e9e3ebf4326f47d0cd3bd08c03ac1

Changed in glance:
status:	In Progress → Fix Committed

Revision history for this message

Darren Birkett (darren-birkett) wrote on 2012-02-24:

I'm not 100% sure this is fixed - using latest devstack (8d87ca05330d050561611fcc43cfa941a340d13a)

I have an image uploaded as admin user/admin tenant.

I can see that image as the demo user/demo tenant

# env|grep OS
OS_PASSWORD=devstack
OS_AUTH_URL=http://192.168.100.81:5000/v2.0
OS_USERNAME=demo
OS_TENANT_NAME=demo
LESSCLOSE=/usr/bin/lesspipe %s %s

# glance show 70859aed-6ede-4e26-a525-74b5d04cd26f
URI: http://192.168.100.81:9292/v1/images/70859aed-6ede-4e26-a525-74b5d04cd26f
Id: 70859aed-6ede-4e26-a525-74b5d04cd26f
Public: Yes
Protected: No
Name: cirros-0.3.0-x86_64-blank-ramdisk
Status: active
Size: 2254249
Disk format: ari
Container format: ari
Minimum Ram Required (MB): 0
Minimum Disk Required (GB): 0
Owner: a732345e4905423a8190ebee0cc522f2

If I try to delete it, I essentially get a 404

# glance delete 70859aed-6ede-4e26-a525-74b5d04cd26f
Delete image 70859aed-6ede-4e26-a525-74b5d04cd26f? [y/N] y
No image with ID 70859aed-6ede-4e26-a525-74b5d04cd26f was found

As admin user/tenant I can delete it no problem

Revision history for this message

Jay Pipes (jaypipes) wrote on 2012-02-27:

Brian, could you please investigate this further? Thanks!

Changed in glance:
status:	Fix Committed → Incomplete

Revision history for this message

Brian Waldon (bcwaldon) wrote on 2012-02-27:

Crap, I only fixed it for access directly to the registry api. I'll push up a fix for it.

Changed in glance:
status:	Incomplete → In Progress
milestone:	none → essex-4

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2012-02-27: Fix proposed to glance (master)

Fix proposed to branch: master
Review: https://review.openstack.org/4596

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2012-02-27: Fix merged to glance (master)

Reviewed: https://review.openstack.org/4596
Committed: http://github.com/openstack/glance/commit/7db20754a0c9d853ff0a5e283dd7d483ab0c2755
Submitter: Jenkins
Branch: master

commit 7db20754a0c9d853ff0a5e283dd7d483ab0c2755
Author: Brian Waldon <email address hidden>
Date: Mon Feb 27 12:59:52 2012 -0800

Complete fix for modification of unowned image

* Fully fixes bug 923941

Change-Id: Ia155a4d76e75498629996aaddfc8fe0b41ce6760

Changed in glance:
status:	In Progress → Fix Committed

Thierry Carrez (ttx) on 2012-02-29

Changed in glance:
status:	Fix Committed → Fix Released

Thierry Carrez (ttx) on 2012-04-05

Changed in glance:
milestone:	essex-4 → 2012.1

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.