neutron

[Secure RBAC] Delete port on own network which is shared with other project is not possible

Bug #2004012 reported by Slawek Kaplonski on 2023-01-27

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	neutron	Fix Released	High	Slawek Kaplonski

Bug Description

Failed test: neutron_tempest_plugin.api.admin.test_shared_network_extension.RBACSharedNetworksTest.test_tenant_can_delete_port_on_own_network

Traceback (most recent call last):
  File "/opt/stack/tempest/.tox/tempest/lib/python3.8/site-packages/neutron_tempest_plugin/api/admin/test_shared_network_extension.py", line 287, in test_tenant_can_delete_port_on_own_network
    self.client.delete_port(port['id'])
  File "/opt/stack/tempest/.tox/tempest/lib/python3.8/site-packages/neutron_tempest_plugin/services/network/json/network_client.py", line 112, in _delete
    resp, body = self.delete(uri)
  File "/opt/stack/tempest/tempest/lib/common/rest_client.py", line 330, in delete
    return self.request('DELETE', url, extra_headers, headers, body)
  File "/opt/stack/tempest/tempest/lib/common/rest_client.py", line 720, in request
    self._error_checker(resp, resp_body)
  File "/opt/stack/tempest/tempest/lib/common/rest_client.py", line 826, in _error_checker
    raise exceptions.NotFound(resp_body, resp=resp)
tempest.lib.exceptions.NotFound: Object not found
Details: {'type': 'HTTPNotFound', 'message': 'The resource could not be found.', 'detail': ''}

Tags:

Slawek Kaplonski (slaweq) on 2023-01-31

Changed in neutron:
assignee:	nobody → Slawek Kaplonski (slaweq)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2023-01-31: Fix proposed to neutron (master)

Fix proposed to branch: master
Review: https://review.opendev.org/c/openstack/neutron/+/872280

Changed in neutron:
status:	Confirmed → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2023-02-01: Fix merged to neutron (master)

Reviewed: https://review.opendev.org/c/openstack/neutron/+/872280
Committed: https://opendev.org/openstack/neutron/commit/17be2505d145d404967b30d9794b9d027b83ac6b
Submitter: "Zuul (22348)"
Branch: master

commit 17be2505d145d404967b30d9794b9d027b83ac6b
Author: Slawek Kaplonski <email address hidden>
Date: Tue Jan 31 15:14:50 2023 +0100

[Secure RBAC] Allow network owner to delete ports plugged to the network

Network owner should be able to delete ports plugged to the owner's
network, even if port belongs to some other project.

    Closes-Bug: #2004012
    Closes-Bug: #2004016
    Change-Id: I6d5418762b48ff382ca95b1a445a6edc7d72b424

Changed in neutron:
status:	In Progress → Fix Released

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2023-02-28: Fix proposed to neutron (stable/zed)

Fix proposed to branch: stable/zed
Review: https://review.opendev.org/c/openstack/neutron/+/875607

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2023-03-02: Fix merged to neutron (stable/zed)

Reviewed: https://review.opendev.org/c/openstack/neutron/+/875607
Committed: https://opendev.org/openstack/neutron/commit/f2ba02d90da6b00e2213f66fb2f0b19ed2ea30af
Submitter: "Zuul (22348)"
Branch: stable/zed

commit f2ba02d90da6b00e2213f66fb2f0b19ed2ea30af
Author: Slawek Kaplonski <email address hidden>
Date: Tue Jan 31 15:14:50 2023 +0100

[Secure RBAC] Allow network owner to delete ports plugged to the network

Network owner should be able to delete ports plugged to the owner's
network, even if port belongs to some other project.

    Closes-Bug: #2004012
    Closes-Bug: #2004016
    Change-Id: I6d5418762b48ff382ca95b1a445a6edc7d72b424
    (cherry picked from commit 17be2505d145d404967b30d9794b9d027b83ac6b)