no policy enforment for GET /os-hosts
Bug #1732808 reported by
Ghanshyam Mann
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Cinder |
Fix Released
|
Medium
|
Brin Zhang |
Bug Description
Cinder does not do policy enforcement for GET /os-hosts [0], where policy doc says opposite[1].
PUT /os-host has policy control which is default to admin only. is there any rational not to have policy control over GET /os-host ? if so we should fix the doc at least.
This is found during this - https:/
[1]
https:/
/hosts.py
Changed in cinder: | |
assignee: | nobody → zhangbailin (zhangbailin) |
Changed in cinder: | |
status: | Triaged → In Progress |
To post a comment you must log in.
Generally we do not allow non-administrative users to do anything that gives insight to the underlying hosts/backends/etc. So, I think the documentation is right in this case.