Glance

A member can be created successfully with any value of <MEMBER_ID> parameter without any error

Bug #1656266 reported by Kanika Singh on 2017-01-13

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Glance	New	Undecided	Unassigned

Bug Description

Logically, MEMBER_ID should be the tenant_id that has to be added as a member. But in this case, MEMBER_ID parameter is not verified for existance. One can give any value as MEMBER_ID, database entry will be created for the specified value.

eg:

[root@controller ~(keystone_admin)]# glance member-create c03908a7-6166-4b2f-974e-ae9aa60f5472 abc
+--------------------------------------+----------------------------------+---------+
| Image ID | Member ID | Status |
+--------------------------------------+----------------------------------+---------+
| c03908a7-6166-4b2f-974e-ae9aa60f5472 | abc | pending |
+--------------------------------------+----------------------------------+---------+

This happens because there is no check for the validity of MEMBER_ID. The value is passed as it is given in the command.

There should be a feature to fetch tenant list and validate the entered value of MEMBER_ID in create() method in glance/api/v2/image_members.py file.

Revision history for this message

Dou Rui Yuan (rydou) wrote on 2017-08-11:

Only admin knows if the member is valid or not, regular user can not get other tenants and validate the member_id when create member.

In addition after create member, the target tenant still need to accept the image, so create a none existed member won't break the whole process.

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.