[SRBAC] FIP Port Forwarding policies should be available for PARENT_OWNER with proper role
Bug #2018989 reported by
Slawek Kaplonski
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
neutron |
Fix Released
|
Medium
|
Slawek Kaplonski |
Bug Description
Currently new S-RBAC policies for FIP port forwardings are defined as
policy_
this isn't correct as FIP PF resource don't have project_id attribute and always belongs to the owner of the FIP. It's very similar issue to what we have with QoS rules and what was reported in https:/
To fix that we need to use policies like ADMIN_OR_
To post a comment you must log in.
Fix proposed to branch: master /review. opendev. org/c/openstack /neutron/ +/882691
Review: https:/