OpenStack Dashboard (Horizon)

Non-admin users shouldn't be able to create public images

Bug #1698490 reported by Ying Zuo
14
This bug affects 2 people
Affects Status Importance Assigned to Milestone
OpenStack Dashboard (Horizon)
Fix Released
Medium
Ying Zuo
OpenStack Dashboard (Horizon) pike-3

Bug Description

When a non-admin user tries to create a public image with the Angular create image modal, the action will fail with error "403 Forbidden: You are not authorized to complete this action.". The public option should be hidden for non-admin users.

Ying Zuo (yingzuo)
Changed in horizon:
assignee: nobody → Ying Zuo (yingzuo)
Ying Zuo (yingzuo)
summary: - eNon-admin users shouldn't be able to create public images
+ Non-admin users shouldn't be able to create public images
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to horizon (master)

Fix proposed to branch: master
Review: https://review.openstack.org/475651

Changed in horizon:
status: New → In Progress
Ying Zuo (yingzuo)
Changed in horizon:
importance: Undecided → Medium
milestone: none → pike-3
Rob Cresswell (robcresswell-deactivatedaccount)
tags: added: ocata-backport-potential
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to horizon (master)

Reviewed: https://review.openstack.org/475651
Committed: https://git.openstack.org/cgit/openstack/horizon/commit/?id=932511031f6246af1b996e26e500fdd5d848462e
Submitter: Jenkins
Branch: master

commit 932511031f6246af1b996e26e500fdd5d848462e
Author: Ying Zuo <email address hidden>
Date: Mon Jun 19 22:01:12 2017 -0700

    Only show the image visibility option if it's allowed

    The visibility field on create image modal and edit image
    modal should be shown if it's allowed based on the
    glance policy.

    Change-Id: I36f1b1c6e93c5ce06873f6a5f6106d8759fac6d0
    Closes-bug: #1698490

Changed in horizon:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to horizon (stable/ocata)

Fix proposed to branch: stable/ocata
Review: https://review.openstack.org/480887

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to horizon (stable/ocata)

Reviewed: https://review.openstack.org/480887
Committed: https://git.openstack.org/cgit/openstack/horizon/commit/?id=21ce07a9edbba97e919a33a9153464d8e0a5a8ca
Submitter: Jenkins
Branch: stable/ocata

commit 21ce07a9edbba97e919a33a9153464d8e0a5a8ca
Author: Ying Zuo <email address hidden>
Date: Mon Jun 19 22:01:12 2017 -0700

    Only show the image visibility option if it's allowed

    The visibility field on create image modal and edit image
    modal should be shown if it's allowed based on the
    glance policy.

    Change-Id: I36f1b1c6e93c5ce06873f6a5f6106d8759fac6d0
    Closes-bug: #1698490
    (cherry picked from commit 932511031f6246af1b996e26e500fdd5d848462e)

tags: added: in-stable-ocata
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/horizon 12.0.0.0b3

This issue was fixed in the openstack/horizon 12.0.0.0b3 development milestone.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/horizon 11.0.4

This issue was fixed in the openstack/horizon 11.0.4 release.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.