User from not admin tenant can make own application public

Bug #1436289 reported by Vlad Naboichenko
This bug affects 1 person
Affects: Murano
Status: Fix Released
Importance: Medium
Assigned to: Kirill Zaitsev

Bug Description

With this policy.json, a non-admin user can make their own application public.

/etc/murano/policy.json

{
    "context_is_admin": "role:admin",
    "admin_api": "is_admin:True",
    "default": "",

    "publicize_package": "rule:admin_api",
    "publicize_image": "rule:admin_api"
}

Changed in murano:
status: New → Confirmed
assignee: nobody → Ekaterina Chernova (efedorova)
importance: Undecided → Medium
milestone: none → kilo-rc1
assignee: Ekaterina Chernova (efedorova) → nobody
Changed in murano:
assignee: nobody → Kirill Zaitsev (kzaitsev)
status: Confirmed → In Progress
Kirill Zaitsev (kzaitsev) wrote :
OpenStack Infra (hudson-openstack) wrote : Fix merged to murano (master)

Reviewed: https://review.openstack.org/170126
Committed: https://git.openstack.org/cgit/stackforge/murano/commit/?id=4732a4dec5e905b9deb9a6c3e2946acf38e864bb
Submitter: Jenkins
Branch: master

commit 4732a4dec5e905b9deb9a6c3e2946acf38e864bb
Author: Ekaterina Chernova <email address hidden>
Date: Thu Apr 2 16:39:13 2015 +0300

    Update default policy settings

    Also, there were some issues with policy:
    * 'publicize_image' instead of 'publicize_package';
    * corresponding actions have different names;
    * user could not upload packages by default;
    * user could mark package public/unpublic;
    * user could delete public packages.

    Change-Id: I5459016a4e7401b58fcb343e40d0047a4959b7df
    Closes-Bug: #1439240
    Closes-Bug: #1436289

Changed in murano:
status: In Progress → Fix Committed
Changed in murano:
status: Fix Committed → Fix Released
Changed in murano:
milestone: kilo-rc1 → 2015.1.0
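
Added example, not part of the bug report or Murano's code: a simplified model of how an OpenStack-style policy file is evaluated, run against the policy.json from the description. It shows that an enforced action name with no matching key falls back to "default", and that the empty "default" rule then admits any caller. The action name `hypothetical_toggle_public`, the caller credentials and the hardened variant are assumptions for illustration; the page does not say which action names the API enforced.

```python
import json

# Policy file from the bug description, embedded verbatim.
POLICY = json.loads("""{
    "context_is_admin": "role:admin",
    "admin_api": "is_admin:True",
    "default": "",
    "publicize_package": "rule:admin_api",
    "publicize_image": "rule:admin_api"
}""")

def resolve(policy, action):
    """Return (rule, fell_back): the rule text that governs an action."""
    if action in policy:
        return policy[action], False
    # No key with this name: the "default" rule decides.
    return policy.get("default"), True

def allows(policy, rule, creds, depth=0):
    """Evaluate the rule subset used above (simplified model, fails closed)."""
    if rule is None or depth > 10:
        return False              # no rule at all, or a reference loop
    if rule == "":
        return True               # an empty rule passes for every caller
    kind, _, value = rule.partition(":")
    if kind == "rule":
        return allows(policy, policy.get(value), creds, depth + 1)
    if kind == "role":
        return value.lower() in [r.lower() for r in creds.get("roles", [])]
    # Generic check such as is_admin:True compares a credential field.
    return kind in creds and str(creds[kind]) == value

def audit(policy, enforced_actions, creds):
    """Return (action, source) for every action the caller may perform."""
    findings = []
    for action in enforced_actions:
        rule, fell_back = resolve(policy, action)
        if allows(policy, rule, creds):
            findings.append((action, "default" if fell_back else "explicit"))
    return findings

# Constructed inputs: a non-admin caller and an assumed list of enforced names.
MEMBER = {"roles": ["Member"], "is_admin": False}
ENFORCED = ["publicize_package", "hypothetical_toggle_public"]
HARDENED = dict(POLICY, default="rule:admin_api")  # assumed stricter default

if __name__ == "__main__":
    print("shipped :", audit(POLICY, ENFORCED, MEMBER))
    print("hardened:", audit(HARDENED, ENFORCED, MEMBER))
```

Running the same audit with the list of action names a service really enforces shows which of them have no explicit rule in the deployed policy file.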