incorrect PolicyNotAuthorized message
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
oslo.policy |
Fix Released
|
Undecided
|
ChangBo Guo(gcb) |
Bug Description
https:/
This string is also too verbose and confusing if/when presented to a user. Nova and cinder present a much simpler message that is actually more useful to a user. They just say "Policy doesn't allow %(action)s to be performed." Ideally oslo.policy would return the same string for consistency and for the improved clarity. Yes, this omits target and credential information, which could be useful to someone. Log that if you think it might be useful, but don't return it in the exception message. It makes the message too long and too hard to read. The message is a string, and target and credentials are dicts. Not only do they make the message very ugly and hard for a human to parse, but they are giving information that is typically unnecessary and won't be understood by most users.
Changed in oslo.policy: | |
status: | New → Confirmed |
assignee: | nobody → ChangBo Guo(gcb) (glongwave) |
This issue was fixed in the openstack/ oslo.policy 1.23.0 release.