yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #08200
[Bug 1268823] [NEW] Non-admin owned networks can be updated to shared
Public bug reported:
As a non-admin user, I am unable to create a shared network:
stack@sma-vm-dvstk:~/DEVSTACK/devstack$
stack@sma-vm-dvstk:~/DEVSTACK/devstack$ neutron net-create mysharednet --shared
{"NeutronError": {"message": "Policy doesn't allow create_network to be performed.", "type": "PolicyNotAuthorized", "detail": ""}}
This is expected since the behavior is defined in policy.json.
However, If I am able to update a network to be shared. If a network
cannot be created with shared=True, then the network shouldn't be able
to be modified to be shared=True.
stack@sma-vm-dvstk:~/DEVSTACK/devstack$ neutron net-create mysharednet
Created a new network:
+----------------+--------------------------------------+
| Field | Value |
+----------------+--------------------------------------+
| admin_state_up | True |
| id | 3e2ccb52-79a5-404b-9838-3a0926b35947 |
| name | mysharednet |
| shared | False |
| status | ACTIVE |
| subnets | |
| tenant_id | c3d21dbd077144fe9d8f919488f72c2d |
+----------------+--------------------------------------+
stack@sma-vm-dvstk:~/DEVSTACK/devstack$ neutron net-update mysharednet --shared True
Updated network: mysharednet
stack@sma-vm-dvstk:~/DEVSTACK/devstack$ neutron net-show mysharednet
+-----------------+--------------------------------------+
| Field | Value |
+-----------------+--------------------------------------+
| admin_state_up | True |
| id | 3e2ccb52-79a5-404b-9838-3a0926b35947 |
| name | mysharednet |
| router:external | False |
| shared | True |
| status | ACTIVE |
| subnets | |
| tenant_id | c3d21dbd077144fe9d8f919488f72c2d |
+-----------------+--------------------------------------+
** Affects: neutron
Importance: Undecided
Assignee: Stephen Ma (stephen-ma)
Status: New
** Changed in: neutron
Assignee: (unassigned) => Stephen Ma (stephen-ma)
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1268823
Title:
Non-admin owned networks can be updated to shared
Status in OpenStack Neutron (virtual network service):
New
Bug description:
As a non-admin user, I am unable to create a shared network:
stack@sma-vm-dvstk:~/DEVSTACK/devstack$
stack@sma-vm-dvstk:~/DEVSTACK/devstack$ neutron net-create mysharednet --shared
{"NeutronError": {"message": "Policy doesn't allow create_network to be performed.", "type": "PolicyNotAuthorized", "detail": ""}}
This is expected since the behavior is defined in policy.json.
However, If I am able to update a network to be shared. If a network
cannot be created with shared=True, then the network shouldn't be able
to be modified to be shared=True.
stack@sma-vm-dvstk:~/DEVSTACK/devstack$ neutron net-create mysharednet
Created a new network:
+----------------+--------------------------------------+
| Field | Value |
+----------------+--------------------------------------+
| admin_state_up | True |
| id | 3e2ccb52-79a5-404b-9838-3a0926b35947 |
| name | mysharednet |
| shared | False |
| status | ACTIVE |
| subnets | |
| tenant_id | c3d21dbd077144fe9d8f919488f72c2d |
+----------------+--------------------------------------+
stack@sma-vm-dvstk:~/DEVSTACK/devstack$ neutron net-update mysharednet --shared True
Updated network: mysharednet
stack@sma-vm-dvstk:~/DEVSTACK/devstack$ neutron net-show mysharednet
+-----------------+--------------------------------------+
| Field | Value |
+-----------------+--------------------------------------+
| admin_state_up | True |
| id | 3e2ccb52-79a5-404b-9838-3a0926b35947 |
| name | mysharednet |
| router:external | False |
| shared | True |
| status | ACTIVE |
| subnets | |
| tenant_id | c3d21dbd077144fe9d8f919488f72c2d |
+-----------------+--------------------------------------+
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1268823/+subscriptions
Follow ups
References
