Glance

Can not define only image creator can delete the image

Bug #1253963 reported by Lin, Bo-Chun on 2013-11-22

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Glance	In Progress	Wishlist	Ian Cordasco

Bug Description

We want to define that the image only can be deleted by admin or image creator.
So we modify the policy file as below:
{
    "context_is_admin": "role:admin",
    "admin_or_user": "is_admin:True or user_id:%(user_id)s",
    "default": "",
    "manage_image_cache": "role:admin",
    "delete_image": "rule:admin_or_user"
}

But it does not work because it does not pass the user_id or other detail to the policy checker.

Lin, Bo-Chun (sherry7737) on 2013-11-22

Changed in glance:
assignee:	nobody → Lin, Bo-Chun (sherry7737)

Lin, Bo-Chun (sherry7737) on 2013-11-22

Changed in glance:
status:	New → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2013-11-22: Fix proposed to glance (master)

Fix proposed to branch: master
Review: https://review.openstack.org/57913

Iccha Sethi (iccha-sethi) on 2013-11-23

Changed in glance:
importance:	Undecided → Wishlist

Revision history for this message

Erno Kuvaja (jokke) wrote on 2014-09-12:

Old and abandoned.

Changed in glance:
assignee:	Lin, Bo-Chun (sherry7737) → nobody
status:	In Progress → New
tags:	added: propose-close

Revision history for this message

Ian Cordasco (icordasc) wrote on 2015-01-17:

See https://review.openstack.org/#/c/146651/

Changed in glance:
status:	New → In Progress
assignee:	nobody → Ian Cordasco (icordasc)
tags:	removed: propose-close

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Related blueprints

Pass Targets to Glance's Policy Enforcer

Remote bug watches

Bug watches keep track of this bug in other bug trackers.