User is able to still use deleted project when set as current project
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Dashboard (Horizon) |
Confirmed
|
Low
|
David Lyle |
Bug Description
Description:
If we delete an project with an active user which is using the project, the user can still use the project by going back to project management and create instances, which are unable to be deleted in a later stadium.
Release found:
A customized version of Folsom
Steps to reproduce:
1. Go to Admin panel > Projects
2. Create a project named "sam", add admin user to the project with the admin role
3. Click on Project management
4. Set the current active project to "sam"
5. Go to on Admin panel > Projects
6. Delete the project called "sam"
7. Go back to Project management
8. Launch an instance
Current result:
I was able to go back to the sam project and create an instance in a non-existent project. If you then logout with the admin user and login again its impossible to find/delete the instance. nova list also doesn't show , the only way to delete it is with nova delete {{uuid}} but for this you need to know the uuid.
Expected result:
TO DISCUSS: I came up with two possiblities
1. Automatically logout if the project doesn't exist anymore
2 Or when deleting a project update the authorized_tenants and the user.tenant_name and user.tenant_id attributes. So that when the user goes back to Project management another(
Changed in horizon: | |
assignee: | nobody → Tzu-Mainn Chen (tzumainn) |
Changed in horizon: | |
milestone: | havana-1 → havana-2 |
Changed in horizon: | |
milestone: | havana-2 → havana-3 |
Changed in horizon: | |
milestone: | havana-3 → none |
Changed in horizon: | |
assignee: | Tzu-Mainn Chen (tzumainn) → David Lyle (david-lyle) |
importance: | Medium → Low |
There are two parts to this:
1. Horizon should do something to remove the deleted project from the list of available projects while the user is still logged in.
2. Nova is not doing the right thing with validating the token against keystone in your installation if you can still launch a VM. That part has nothing to do with Horizon.
I believe there are/have been other tickets about part 2, but I'll leave this one open to address part 1.