Fuel for OpenStack

Add read-only mode for Fuel API

Bug #1581255 reported by Liubov Efremova on 2016-05-12

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Fuel for OpenStack	Fix Committed	High	Vitaly Kramskikh	Fuel for OpenStack 10.0

Bug Description

Our customer wants to separate fuel users by role: admins and others (readers).

Non-admin users should have read-only permissions (should have no possibility to create environments or change any settings in them).

Business value:
A careless user could destroy production environments by pushing the wrong button in Fuel. For routine access we should have account types that make it harder to cause damage.

Tags:

Liubov Efremova (lefremova) on 2016-05-12

Changed in fuel:
importance:	Undecided → High
status:	New → Confirmed

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-05-13: Fix proposed to fuel-web (master)

Fix proposed to branch: master
Review: https://review.openstack.org/315861

Changed in fuel:
status:	Confirmed → In Progress

Oleg S. Gelbukh (gelbuhos) on 2016-05-13

tags:

added: feature

Aleksey Kasatkin (alekseyk-ru) on 2016-05-13

tags:

added: area-python

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-06-07: Fix proposed to fuel-ui (master)

Fix proposed to branch: master
Review: https://review.openstack.org/326600

Changed in fuel:
assignee:	Liubov Efremova (lefremova) → Vitaly Kramskikh (vkramskikh)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-06-08: Fix merged to fuel-web (master)

Reviewed: https://review.openstack.org/315861
Committed: https://git.openstack.org/cgit/openstack/fuel-web/commit/?id=95262c31c2d4ec39fb854a91d29d8b14ddf990d3
Submitter: Jenkins
Branch: master

commit 95262c31c2d4ec39fb854a91d29d8b14ddf990d3
Author: Liubov Efremova <email address hidden>
Date: Fri May 13 02:30:13 2016 +0300

Read-only mode for Fuel API was added

    Now we have the possibility to separate fuel users by their role: admins
    and others (readers).
    Non-admin users have read-only permissions and can't create environments
    or change any settings in them.
    Admins have the total control over the environments.

Change-Id: I69a048ab497ab1faa8c6c85a0502d92e1d073ee7
Closes-Bug: 1581255

Changed in fuel:
status:	In Progress → Fix Committed

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-06-08: Fix merged to fuel-ui (master)

Reviewed: https://review.openstack.org/326600
Committed: https://git.openstack.org/cgit/openstack/fuel-ui/commit/?id=be983c124ecc6049358c8830d9245bd2ced51521
Submitter: Jenkins
Branch: master

commit be983c124ecc6049358c8830d9245bd2ced51521
Author: Vitaly Kramskikh <email address hidden>
Date: Tue Jun 7 18:51:10 2016 +0300

Skip welcome page if the user doesn't have "admin" role

    Only users with "admin" role can send POST/PUT/DELETE requests
    now, so users without "admin" role won't be able to pass welcome
    page. So it makes no sense to show it for such users.

    Partial-Bug: #1581255
    Depends-On: I69a048ab497ab1faa8c6c85a0502d92e1d073ee7
    Change-Id: Id5cb96786fcd3d4d056116f6a2302931b33b5129

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.