Comment 51 for bug 1482371

OpenStack Infra (hudson-openstack) wrote : Fix merged to glance (stable/kilo)

Reviewed: https://review.openstack.org/226337
Committed: https://git.openstack.org/cgit/openstack/glance/commit/?id=9beca533f42ae1fc87418de0c360e19bc59b24b5
Submitter: Jenkins
Branch: stable/kilo

commit 9beca533f42ae1fc87418de0c360e19bc59b24b5
Author: Stuart McLaren <email address hidden>
Date: Tue Aug 11 10:37:09 2015 +0000

    Prevent image status being directly modified via v1

    Users shouldn't be able to change an image's status directly via the
    v1 API.

    Some existing consumers of Glance set the x-image-meta-status header in
    requests to the Glance API, eg:

    https://github.com/openstack/nova/blob/master/plugins/xenserver/xenapi/etc/xapi.d/plugins/glance#L184

    We should try to prevent users setting 'status' via v1, but without breaking
    existing benign API calls such as these.

    I've adopted the following approach (which has some prior art in 'protected properties').

    If a PUT request is received which contains an x-image-meta-status header:

    * The user provided status is ignored if it matches the current image
      status (this prevents benign calls such as the nova one above from
      breaking). The usual code (eg 200) will be returned.

    * If the user provided status doesn't match the current image status (ie
      there is a real attempt to change the value) 403 will be returned. This
      will break any calls which currently intentionally change the status.

    APIImpact

    Closes-bug: 1482371

    Change-Id: I44fadf32abb57c962b67467091c3f51c1ccc25e6
    (cherry picked from commit 4d08db5b6d42323ac1958ef3b7417d875e7bea8c)
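
The header check described in the commit message above, sketched as an added example (this is not the Glance patch or any code from the project). `Image`, `Forbidden`, `filter_status_header` and `handle_put` are hypothetical names, and exact string comparison of the status value is an assumption.

```python
from dataclasses import dataclass

STATUS_HEADER = "x-image-meta-status"  # header named in the commit message
NAME_HEADER = "x-image-meta-name"      # sample mutable field (assumed for the demo)


class Forbidden(Exception):
    """Rejected update; this sketch maps it to HTTP 403."""


@dataclass
class Image:
    """Hypothetical stand-in for a stored image record."""
    name: str
    status: str


def filter_status_header(headers, image):
    """Return the headers with any status header validated and removed.

    HTTP header names are case-insensitive, so the name is lower-cased
    before comparison. The status value is compared exactly (assumption).
    """
    cleaned = {}
    for name, value in headers.items():
        if name.lower() != STATUS_HEADER:
            cleaned[name] = value
        elif value != image.status:
            # Real attempt to change the status: refuse the whole request.
            raise Forbidden("status cannot be modified via this API")
        # else: benign echo of the current status; drop it silently.
    return cleaned


def handle_put(headers, image):
    """Validate first, then apply; a rejected request changes nothing."""
    try:
        updates = filter_status_header(headers, image)
    except Forbidden:
        return 403
    for name, value in updates.items():
        if name.lower() == NAME_HEADER:
            image.name = value
    return 200  # status is never taken from client input
```

Validating before applying any field means a request that mixes a forbidden status change with otherwise valid metadata leaves the image untouched.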