commit 759ee38c53a5e469b8333856e60a0827175457e7
Author: Steven Hardy <email address hidden>
Date: Mon Dec 2 23:59:19 2013 +0000
Deny API requests where context doesn't match path
We shouldn't overwrite the context tenant_id (which comes from the
scope of the auth_token) with that from the path, instead raise a
HTTPForbidden exception if the path-provided tenant_id doesn't match
the context.
Reviewed: https:/ /review. openstack. org/61455 /git.openstack. org/cgit/ openstack/ heat/commit/ ?id=759ee38c53a 5e469b8333856e6 0a0827175457e7
Committed: https:/
Submitter: Jenkins
Branch: master
commit 759ee38c53a5e46 9b8333856e60a08 27175457e7
Author: Steven Hardy <email address hidden>
Date: Mon Dec 2 23:59:19 2013 +0000
Deny API requests where context doesn't match path
We shouldn't overwrite the context tenant_id (which comes from the
scope of the auth_token) with that from the path, instead raise a
HTTPForbidden exception if the path-provided tenant_id doesn't match
the context.
Change-Id: Ib6fb9881103312 f7492081a20178f 12309f35d81
Closes-Bug: #1256983