Glance

Test (and enforcement?) for os_hidden mutability on queued images is wrong

Bug #1933360 reported by Dan Smith on 2021-06-23

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Glance	Fix Released	Undecided	Unassigned

Bug Description

The test glance.tests.unit.v2.test_images_resource.TestImagesController.test_update_queued_image_with_hidden seems to be looking to confirm that queued images cannot be marked as hidden. However, if that was the case, it should be checking for BadRequest (or similar) and not Forbidden. Currently it appears that the authorization "everything is immutable if not the owner" layer is what is triggering the Forbidden response.

If we want to assert that os_hidden cannot be modified for queued images, we need to do that (as it does not appear to actually be enforced anywhere). In that case, the test needs to be modified to check for the proper return code as well.

Abhishek Kekane (abhishek-kekane) on 2021-06-23

Changed in glance:
status:	New → Confirmed

Revision history for this message

Abhishek Kekane (abhishek-kekane) wrote on 2021-06-23:

Referring back to spec it is clear that we are not restricting this operation at all.
https://review.opendev.org/c/openstack/glance-specs/+/545397

It is certain this test doesn't make sense anymore.
I think it should be asserted for os_hidden = True after update call.

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2021-06-23: Fix proposed to glance (master)

Fix proposed to branch: master
Review: https://review.opendev.org/c/openstack/glance/+/797721

Changed in glance:
status:	Confirmed → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2021-06-28: Fix merged to glance (master)

Reviewed: https://review.opendev.org/c/openstack/glance/+/797721
Committed: https://opendev.org/openstack/glance/commit/7c1cd438a0a9fe5cababc9ff0164ce7844c98abf
Submitter: "Zuul (22348)"
Branch: master

commit 7c1cd438a0a9fe5cababc9ff0164ce7844c98abf
Author: Dan Smith <email address hidden>
Date: Wed Jun 23 10:08:07 2021 -0700

Fix broken test_update_queued_image_with_hidden

    This fixes the test to behave the way we expect. It was failing to
    do the update because it was using an image the requester did not
    own, and asserting the found behavior of 403. However, the intent
    here is to allow it to be updated. So, this uses the proper image and
    asserts the proper behavior.

Change-Id: I71afe6a877485c8f92e67dcf32bb475c1a1a42a3
Closes-Bug: #1933360

Changed in glance:
status:	In Progress → Fix Released

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2021-07-15: Fix included in openstack/glance 23.0.0.0b2

This issue was fixed in the openstack/glance 23.0.0.0b2 development milestone.

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.