openstack-manuals

To prevent client use v2 patch api to handle file and swift location

Bug #1403864 reported by OpenStack Infra on 2014-12-18

This bug report is a duplicate of: Bug #403467: aptd crashed with AttributeError in _check_for_inactivity(). Edit Remove

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	openstack-manuals	New	Undecided	Unassigned

Bug Description

https://review.openstack.org/142373
commit d9a928eac360add67477e29f516af868adfe0d5e
Author: Zhi Yan Liu <email address hidden>
Date: Mon Dec 15 12:29:55 2014 +0800

To prevent client use v2 patch api to handle file and swift location

    The change will be used to restrict client to download and delete any
    file in glance-api server. The same resone and logic as what we did in
    v1:
    https://github.com/openstack/glance/blob/master/glance/api/v1/images.py#L429

Closes-Bug: bug/1400966
DocImpact

    Note: Even this change could fully resolve the problem for Glance, but
    we still need to fix this issue from glance_store perspective
    separatelly due to other projects can use the lib directly.

    Conflicts:
     glance/api/v1/images.py
     glance/location.py
     glance/tests/functional/v2/test_images.py
     glance/tests/unit/test_store_location.py
     glance/tests/unit/v1/test_api.py

    (cherry-picked from 4afdb017aa1ccef01482f117cb8d0736a6da38ed)
    Signed-off-by: Zhi Yan Liu <email address hidden>
    Change-Id: I72dbead3cb2dcb87f52658ddb880e26880cc229b

Tags:

Report a bug

This report contains Public information

Everyone can see this information.

Duplicate of bug #403467 Remove

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.