no way for non admin users to get networks

Bug #1829387 reported by Arunas Grigalionis on 2019-05-16
10
This bug affects 2 people
Affects Status Importance Assigned to Milestone
neutron
Medium
M Shruthi

Bug Description

issue similar to this -> https://bugs.launchpad.net/nova/+bug/1737050

we have read_only role defined in keystone, it can get all projects, instances, even network agents, but can't filter networks for project

example
rule:
 "ro_admin": "role:ro_admin"
policy:
 "get_network": "rule:admin_or_owner or rule:shared or rule:external or rule:context_is_advsvc or rule:ro_admin", -> doesn't work, returns empty response
 "get_agent": "rule:admin_only or rule:ro_admin", -> works as expected

environment:
  stable/stein

versions:
  neutron 14.0.1
  keystone 15.0.0

Changed in neutron:
status: New → Confirmed
importance: Undecided → Medium
Changed in neutron:
assignee: nobody → Bhuvana Bhere (bhuvana123)
M Shruthi (mshruthi98) on 2019-10-11
Changed in neutron:
assignee: Bhuvana Bhere (bhuvana123) → M Shruthi (mshruthi98)
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers