DB method backup_get_all_by_volume only work for admin
Bug #1873518 reported by
Rodrigo Barbieri
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Cinder |
Fix Released
|
Undecided
|
Rodrigo Barbieri |
Bug Description
While searching for an alternative fix for bug 1869746 and trying out the suggestion by Sofia Enriquez posted in that LP, I get a permission denied error at line [0] which I assumed was because admin privileges are required to perform that operation.
I had previously dismissed this as a dead end, but got back to investigate further, and found out that the error is actually due to [1]. That method is passing the volume_id to be compared with a project_id, which will never be true. Therefore this check is pointless for any user other than admin, which skips the check.
If that wasn't the case, perhaps an elevated context wouldn't need to be used here.
Changed in cinder: | |
assignee: | nobody → Rodrigo Barbieri (rodrigo-barbieri2010) |
status: | New → In Progress |
Changed in cinder: | |
milestone: | none → victoria-1 |
To post a comment you must log in.
Your analysis makes sense. Looks like line 5273 is the result of a careless copy of the previous function. I think we do want to get the project_id from the context in there somewhere, though, so that someone who knows your volume ID but isn't in your project can't get a listing of your backups.