Treat networks shared by RBAC in same way as shared with all tenants
In patch [1] handle of networks with "shared" flag set to True was
fixed and it is now possible to use "rule:shared" in API policy in
actions related e.g. to ports or subnets.
But network can be shared with some specific tenant only by doing it
with RBAC mechanism and in such case it didn't work with [1] only.
It was like that because context.get_admin_context() was used to get
network so this returned network had got shared=False set even if
request comes from tenant for which network was shared through RBAC.
Now network will be always get with context which have got set proper
tenant_id so "shared" flag will be set properly even in case if it's
shared through RBAC.
Reviewed: https:/ /review. opendev. org/668090 /git.openstack. org/cgit/ openstack/ neutron/ commit/ ?id=9b7ba672d2d 952f166c872e2ac f609ff2006666b
Committed: https:/
Submitter: Zuul
Branch: stable/rocky
commit 9b7ba672d2d952f 166c872e2acf609 ff2006666b
Author: Slawek Kaplonski <email address hidden>
Date: Fri Jun 21 13:09:05 2019 +0200
Treat networks shared by RBAC in same way as shared with all tenants
In patch [1] handle of networks with "shared" flag set to True was get_admin_ context( ) was used to get
fixed and it is now possible to use "rule:shared" in API policy in
actions related e.g. to ports or subnets.
But network can be shared with some specific tenant only by doing it
with RBAC mechanism and in such case it didn't work with [1] only.
It was like that because context.
network so this returned network had got shared=False set even if
request comes from tenant for which network was shared through RBAC.
Now network will be always get with context which have got set proper
tenant_id so "shared" flag will be set properly even in case if it's
shared through RBAC.
[1] https:/ /review. opendev. org/#/c/ 652636/
Change-Id: I38615c0d18bb5a 1f22f3e7865ce24 615a540aa9a d5221f8586fc6ff dca7ab8b67)
Closes-Bug: #1833455
(cherry picked from commit d5edb080b080bc5