Designate

project _memeber_ type users cannot read their quotas

Bug #1462428 reported by Eric Peterson on 2015-06-05

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Designate	Fix Released	High	Unassigned

Bug Description

When users / clients without an admin token make this call:

https://github.com/openstack/python-designateclient/blob/master/designateclient/v1/quotas.py#L26

It eventually fails in the central log with a message that looks like:

2015-06-05 15:58:37.071 24238 INFO designate.policy [req-66dd0126-890b-413c-8133-dfe9cfae08e0 f3b9d089c4034398874e9fcf1a48fa97 dbc2e327b3204978b7a3292f6b7f15ec - - -] Policy check succeeded for rule 'get_quotas' on target {'tenant_id': u'dbc2e327b3204978b7a3292f6b7f15ec'}
2015-06-05 15:58:37.073 24238 INFO designate.policy [req-66dd0126-890b-413c-8133-dfe9cfae08e0 f3b9d089c4034398874e9fcf1a48fa97 dbc2e327b3204978b7a3292f6b7f15ec - - -] Policy check failed for rule 'all_tenants' on target {}

This makes quotas kind of useless, if the only people that can read them are admins (which would be the same users that can change them).

Tags:

Eric Peterson (ericpeterson-l) on 2015-06-05

tags:

added: central

Tim Simmons (timsim) on 2015-06-10

Changed in designate:
status:	New → Triaged
importance:	Undecided → High
milestone:	none → liberty-1

Kiall Mac Innes (kiall) on 2015-06-18

tags:

added: low-hanging-fruit

Pradeep Kumar Singh (pradeep-singh-u) on 2015-06-23

Changed in designate:
assignee:	nobody → pradeep kumar singh (pradeep-singh-u)

Thierry Carrez (ttx) on 2015-06-24

Changed in designate:
milestone:	liberty-1 → liberty-2

OpenStack Infra (hudson-openstack) on 2015-06-25

Changed in designate:
status:	Triaged → In Progress

Revision history for this message

Pradeep Kumar Singh (pradeep-singh-u) wrote on 2015-06-25:

https://review.openstack.org/195368

Kiall Mac Innes (kiall) on 2015-07-28

Changed in designate:
milestone:	liberty-2 → liberty-3

Kiall Mac Innes (kiall) on 2015-09-02

Changed in designate:
milestone:	liberty-3 → liberty-rc1

Revision history for this message

Kiall Mac Innes (kiall) wrote on 2015-09-16:

Pushing out as we're at Liberty RCs, users can use the "limits" endpoint to retrieve their own quotas for now.

Changed in designate:
milestone:	liberty-rc1 → none

Pradeep Kumar Singh (pradeep-singh-u) on 2016-12-07

Changed in designate:
assignee:	Pradeep Kumar Singh (pradeep-singh-u) → nobody

Graham Hayes (grahamhayes) on 2017-01-25

Changed in designate:
status:	In Progress → Fix Released

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2017-01-31: Change abandoned on designate (master)

Change abandoned by Graham Hayes (<email address hidden>) on branch: master
Review: https://review.openstack.org/195368
Reason: As this review has not been updated recently, we are abandoning it for now. Feel free to reactivate the review by pressing the restore button and leaving a 'recheck' comment to get fresh test results.

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.