neutron

no way for non admin users to get networks

Bug #1829387 reported by Arunas Grigalionis on 2019-05-16

This bug affects 2 people

Affects		Status	Importance	Assigned to	Milestone
	neutron	Won't Fix	Medium	Unassigned

Bug Description

issue similar to this -> https://bugs.launchpad.net/nova/+bug/1737050

we have read_only role defined in keystone, it can get all projects, instances, even network agents, but can't filter networks for project

example
rule:
"ro_admin": "role:ro_admin"
policy:
"get_network": "rule:admin_or_owner or rule:shared or rule:external or rule:context_is_advsvc or rule:ro_admin", -> doesn't work, returns empty response
"get_agent": "rule:admin_only or rule:ro_admin", -> works as expected

environment:
stable/stein

versions:
neutron 14.0.1
keystone 15.0.0

Slawek Kaplonski (slaweq) on 2019-05-16

Changed in neutron:
status:	New → Confirmed
importance:	Undecided → Medium

Bhuvana Bhere (bhuvana123) on 2019-08-08

Changed in neutron:
assignee:	nobody → Bhuvana Bhere (bhuvana123)

M Shruthi (mshruthi98) on 2019-10-11

Changed in neutron:
assignee:	Bhuvana Bhere (bhuvana123) → M Shruthi (mshruthi98)

M Shruthi (mshruthi98) on 2019-10-21

Changed in neutron:
assignee:	M Shruthi (mshruthi98) → nobody

Revision history for this message

Rodolfo Alonso (rodolfo-alonso-hernandez) wrote on 2022-11-28:

Bug closed due to lack of activity, please feel free to reopen if needed.

Changed in neutron:
status:	Confirmed → Won't Fix

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.