Comment 6 for bug 1346648

We're seeing this issue in our (Kilo) cloud, and it seems this is only fixed for API v2. Firing a request to delete the same image using the same credentials, once with API v1 and once with API v2, I see that the enforcer is called without target information for v1 and with target information for v2. Since we do an ownership check for some operations, this means v1 API essentially doesn't work.

Is anyone still working on this issue?