A member can be created successfully with any value of <MEMBER_ID> parameter without any error
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Glance |
New
|
Undecided
|
Unassigned |
Bug Description
Logically, MEMBER_ID should be the tenant_id that has to be added as a member. But in this case, MEMBER_ID parameter is not verified for existance. One can give any value as MEMBER_ID, database entry will be created for the specified value.
eg:
[root@controller ~(keystone_admin)]# glance member-create c03908a7-
+------
| Image ID | Member ID | Status |
+------
| c03908a7-
+------
This happens because there is no check for the validity of MEMBER_ID. The value is passed as it is given in the command.
There should be a feature to fetch tenant list and validate the entered value of MEMBER_ID in create() method in glance/
Only admin knows if the member is valid or not, regular user can not get other tenants and validate the member_id when create member.
In addition after create member, the target tenant still need to accept the image, so create a none existed member won't break the whole process.