There are currently 41 calls to require_admin_context:
nova_context.require_admin_context(context)
All of them are in:
nova/api/openstack/compute/legacy_v2/contrib/
Each one of those calls is prefixed by a similar comment:
# NOTE(alex_xu): back-compatible with db layer hard-code admin
# permission checks. nova_context.require_admin_context(context)
And this comment addresses the question this bug raises:
# NOTE(alex_xu): back-compatible with db layer hard-code admin
# permission checks. This has to be left only for API v2.0 because
# this version has to be stable even if it means that only admins
# can call this method while the policy could be changed. nova_context.require_admin_context(context)
I suspect (but I could be wrong) that there was consensus to stop here with these API policy/permission check changes.
Can someone please confirm that the direction this bug proposes is still desired? Thanks!
There are currently 41 calls to require_ admin_context:
nova_ context. require_ admin_context( context)
All of them are in:
nova/ api/openstack/ compute/ legacy_ v2/contrib/
Each one of those calls is prefixed by a similar comment:
# NOTE(alex_xu): back-compatible with db layer hard-code admin
nova_context. require_ admin_context( context)
# permission checks.
And this comment addresses the question this bug raises:
# NOTE(alex_xu): back-compatible with db layer hard-code admin
nova_context. require_ admin_context( context)
# permission checks. This has to be left only for API v2.0 because
# this version has to be stable even if it means that only admins
# can call this method while the policy could be changed.
I suspect (but I could be wrong) that there was consensus to stop here with these API policy/permission check changes.
Can someone please confirm that the direction this bug proposes is still desired? Thanks!
If not... then we can close this bug.