rbac: resource based verification doesnt work
Affects | Status | Importance | Assigned to | Milestone | ||
---|---|---|---|---|---|---|
Juniper Openstack | Status tracked in Trunk | |||||
R3.0 |
Fix Committed
|
High
|
Deepinder Setia | |||
R3.1 |
Fix Committed
|
Undecided
|
Unassigned | |||
Trunk |
Fix Committed
|
High
|
Deepinder Setia |
Bug Description
A port created under 'admin' tenant can be deleted with creds of 'test-project1' tenant. This shouldnt have worked unless 'test-project1' is under shared list.
root@a2s41:
"name": "d1f45946-
"perms2": {
root@a2s41:
+------
| Property | Value |
+------
| description | |
| enabled | True |
| id | b105460ebf4f487
| name | admin |
+------
root@a2s41:
root@a2s41:
OS_TENANT_
root@a2s41:
Deleted port: d1f45946-
description: | updated |
tags: | added: blocker |
Changed in juniperopenstack: | |
milestone: | none → r3.1.0.0-fcs |
tags: | removed: blocker |
Review in progress for https:/ /review. opencontrail. org/16246
Submitter: Deepinder Setia (<email address hidden>)