neutron

  1. Bug #1957175
  2. Comment #27

Comment 27 for bug 1957175

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (stable/ussuri)

Reviewed: https://review.opendev.org/c/openstack/neutron/+/827017
Committed: https://opendev.org/openstack/neutron/commit/b738de94182b90a72b28e92f5b2218b5198e01f6
Submitter: "Zuul (22348)"
Branch: stable/ussuri

commit b738de94182b90a72b28e92f5b2218b5198e01f6
Author: yatinkarel <email address hidden>
Date: Thu Jan 27 13:20:07 2022 +0530

    [Stable Only] Enforce policy for qos_policy_id attribute

    Currently while updating 'qos_policy_id', authorization policies
    are not enforced and as a result it can be set or unset over
    port/network/fip by an unauthorized user.

    This patch fixes it by setting 'enforce_policy' to True
    for this attribute for Floating IP, for port and network
    it's fixed in neutron-lib[1].

    This patch is only for stable releases as for releases since
    Yoga this is fixed in neutron-lib[2] itself.

    [1] https://review.opendev.org/q/Ieee1ca092e572ad4696105962fbc6de675454657
    [2] https://review.opendev.org/c/openstack/neutron-lib/+/825088

    Depends-On: https://review.opendev.org/c/openstack/tempest/+/828245
    Closes-Bug: #1957175
    Change-Id: Ie0660e5e89e45c00b79464368ba337d27a824714
    (cherry picked from commit 0c2af0f6e7d99d60aed20e731d5b178f1e152678)