commit 22f4fdafc0ac5cf86bd3b87faace5175fb8dc2c2
Author: Steven Hardy <email address hidden>
Date: Mon Dec 2 23:59:19 2013 +0000
Deny API requests where context doesn't match path
We shouldn't overwrite the context tenant_id (which comes from the
scope of the auth_token) with that from the path, instead raise a
HTTPForbidden exception if the path-provided tenant_id doesn't match
the context.
Reviewed: https:/ /review. openstack. org/61456 /git.openstack. org/cgit/ openstack/ heat/commit/ ?id=22f4fdafc0a c5cf86bd3b87faa ce5175fb8dc2c2
Committed: https:/
Submitter: Jenkins
Branch: stable/havana
commit 22f4fdafc0ac5cf 86bd3b87faace51 75fb8dc2c2
Author: Steven Hardy <email address hidden>
Date: Mon Dec 2 23:59:19 2013 +0000
Deny API requests where context doesn't match path
We shouldn't overwrite the context tenant_id (which comes from the
scope of the auth_token) with that from the path, instead raise a
HTTPForbidden exception if the path-provided tenant_id doesn't match
the context.
Change-Id: Ib6fb9881103312 f7492081a20178f 12309f35d81
Closes-Bug: #1256983