We should try to prevent users setting 'status' via v1, but without breaking
existing benign API calls such as these.
I've adopted the following approach (which has some prior art in 'protected properties').
If a PUT request is received which contains an x-image-meta-status header:
* The user provided status is ignored if it matches the current image
status (this prevents benign calls such as the nova one above from
breaking). The usual code (eg 200) will be returned.
* If the user provided status doesn't match the current image status (ie
there is a real attempt to change the value) 403 will be returned. This
will break any calls which currently intentionally change the status.
APIImpact
Closes-bug: 1482371
Change-Id: I44fadf32abb57c962b67467091c3f51c1ccc25e6
(cherry picked from commit 4d08db5b6d42323ac1958ef3b7417d875e7bea8c)
(cherry picked from commit 9beca533f42ae1fc87418de0c360e19bc59b24b5)
Reviewed: https://review.openstack.org/226338
Committed: https://git.openstack.org/cgit/openstack/glance/commit/?id=45be8e1c620c50f3cbca76f561945200a8843bc8
Submitter: Jenkins
Branch: stable/juno
commit 45be8e1c620c50f3cbca76f561945200a8843bc8
Author: Stuart McLaren <email address hidden>
Date: Tue Aug 11 10:37:09 2015 +0000
Prevent image status being directly modified via v1
Users shouldn't be able to change an image's status directly via the
v1 API.
Some existing consumers of Glance set the x-image-meta-status header in
requests to the Glance API, eg:
https://github.com/openstack/nova/blob/master/plugins/xenserver/xenapi/etc/xapi.d/plugins/glance#L184
We should try to prevent users setting 'status' via v1, but without breaking
existing benign API calls such as these.
I've adopted the following approach (which has some prior art in 'protected properties').
If a PUT request is received which contains an x-image-meta-status header:
* The user provided status is ignored if it matches the current image
status (this prevents benign calls such as the nova one above from
breaking). The usual code (eg 200) will be returned.
* If the user provided status doesn't match the current image status (ie
there is a real attempt to change the value) 403 will be returned. This
will break any calls which currently intentionally change the status.
APIImpact
Closes-bug: 1482371
Change-Id: I44fadf32abb57c962b67467091c3f51c1ccc25e6
(cherry picked from commit 4d08db5b6d42323ac1958ef3b7417d875e7bea8c)
(cherry picked from commit 9beca533f42ae1fc87418de0c360e19bc59b24b5)
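
The header check this commit message describes, as an added Python example that is not the Glance patch itself. The function names, the Forbidden class, the dict-based image and the exact string comparison of status values are assumptions made for illustration.

```python
# Added illustration of the v1 status-header rule; not Glance's implementation.
# All names below are hypothetical.
STATUS_HEADER = "x-image-meta-status"
META_PREFIX = "x-image-meta-"


class Forbidden(Exception):
    """Maps to an HTTP 403 response."""
    status_code = 403


def filter_status_header(headers, current_status):
    """Return the request headers with any status header removed.

    Raises Forbidden if a supplied status differs from current_status.
    """
    cleaned = {}
    supplied = []
    for name, value in headers.items():
        # HTTP header names are case-insensitive, so normalise before comparing.
        if name.lower() == STATUS_HEADER:
            supplied.append(value.strip())
        else:
            cleaned[name] = value
    for value in supplied:
        if value != current_status:
            # A real attempt to change the status: reject the whole request.
            raise Forbidden("image status cannot be modified via v1")
    # Header absent, or it matched the stored status: drop it and carry on.
    return cleaned


def handle_put(headers, image):
    """Simulate a v1 PUT against an image dict; return (http_code, image)."""
    try:
        updates = filter_status_header(headers, image["status"])
    except Forbidden as exc:
        return exc.status_code, image  # image is left untouched
    updated = dict(image)
    for name, value in updates.items():
        key = name.lower()
        if key.startswith(META_PREFIX):
            updated[key[len(META_PREFIX):]] = value
    return 200, updated


if __name__ == "__main__":
    img = {"status": "active", "name": "old"}  # constructed sample image
    print(handle_put({"X-Image-Meta-Status": "active", "x-image-meta-name": "new"}, img))
    print(handle_put({"x-image-meta-status": "queued"}, img))
```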