check network ambiguity before external network auth
This change refactors the logic in the neutronv2 api to check for
network ambiguity before checking permission to attach external
network. In the scenario when there is a network available in the
client's tenant and an external shared network available in a
different tenant, the client was receiving a Forbidden error
because the external network was in the list of available networks
even though the client did have access to the other network in the
list.
With this change, the client receives a NetworkAmbiguous error instead
the same scenario, as they could succeed in booting an instance while
specifying --nic with the net-id of the network they can access.
Reviewed: https:/ /review. openstack. org/121330 /git.openstack. org/cgit/ openstack/ nova/commit/ ?id=3e11db0e3b8 32703feafe8317c 0c12fb0a149e53
Committed: https:/
Submitter: Jenkins
Branch: master
commit 3e11db0e3b83270 3feafe8317c0c12 fb0a149e53
Author: melanie witt <email address hidden>
Date: Sat Sep 13 08:04:12 2014 +0000
check network ambiguity before external network auth
This change refactors the logic in the neutronv2 api to check for
network ambiguity before checking permission to attach external
network. In the scenario when there is a network available in the
client's tenant and an external shared network available in a
different tenant, the client was receiving a Forbidden error
because the external network was in the list of available networks
even though the client did have access to the other network in the
list.
With this change, the client receives a NetworkAmbiguous error instead
the same scenario, as they could succeed in booting an instance while
specifying --nic with the net-id of the network they can access.
Closes-Bug: #1364344
Change-Id: Ia94c25ff0ffd6a 368da272fc6d883 986156a0362