← Back to team overview

yahoo-eng-team team mailing list archive

[Bug 1338885] [NEW] fwaas: admin should not be able to create firewall rule for non existing tenant

 

Public bug reported:

 Admin should not be able to create resources for non existing tenant.
      

Steps to Reproduce:

Actual Results: 
 
root@IGA-OSC:~# neutron firewall-rule-create --protocol tcp --action deny --tenant-id bf4fbb928d574829855ebfd9e5d0e -->(non existing tenant-id. changed the last few characters)
Created a new firewall_rule:
+------------------------+--------------------------------------+
| Field                  | Value                                |
+------------------------+--------------------------------------+
| action                 | deny                                 |
| description            |                                      |
| destination_ip_address |                                      |
| destination_port       |                                      |
| enabled                | True                                 |
| firewall_policy_id     |                                      |
| id                     | 7264e5a6-5752-4518-b26b-7c7395173747 |
| ip_version             | 4                                    |
| name                   |                                      |
| position               |                                      |
| protocol               | tcp                                  |
| shared                 | False                                |
| source_ip_address      |                                      |
| source_port            |                                      |
| tenant_id              | bf4fbb928d574829855ebfd9e5d0e        |
+------------------------+--------------------------------------+
root@IGA-OSC:~# ktl
+----------------------------------+---------+---------+
|                id                |   name  | enabled |
+----------------------------------+---------+---------+
| 0ad385e00e97476e9456945c079a21ea |  admin  |   True  |
| 43af7b7c0dbc40bd90d03cc08df201ce | service |   True  |
| d9481c57a11c46eea62886938b5378a7 | tenant1 |   True  |
| bf4fbb928d574829855ebfd9e5d0e58c | tenant2 |   True  |
+----------------------------------+---------+---------+
 
==============================================

** Affects: neutron
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1338885

Title:
  fwaas: admin should not be able to create firewall rule for non
  existing tenant

Status in OpenStack Neutron (virtual network service):
  New

Bug description:
   Admin should not be able to create resources for non existing tenant.
        

  Steps to Reproduce:

  Actual Results: 
   
  root@IGA-OSC:~# neutron firewall-rule-create --protocol tcp --action deny --tenant-id bf4fbb928d574829855ebfd9e5d0e -->(non existing tenant-id. changed the last few characters)
  Created a new firewall_rule:
  +------------------------+--------------------------------------+
  | Field                  | Value                                |
  +------------------------+--------------------------------------+
  | action                 | deny                                 |
  | description            |                                      |
  | destination_ip_address |                                      |
  | destination_port       |                                      |
  | enabled                | True                                 |
  | firewall_policy_id     |                                      |
  | id                     | 7264e5a6-5752-4518-b26b-7c7395173747 |
  | ip_version             | 4                                    |
  | name                   |                                      |
  | position               |                                      |
  | protocol               | tcp                                  |
  | shared                 | False                                |
  | source_ip_address      |                                      |
  | source_port            |                                      |
  | tenant_id              | bf4fbb928d574829855ebfd9e5d0e        |
  +------------------------+--------------------------------------+
  root@IGA-OSC:~# ktl
  +----------------------------------+---------+---------+
  |                id                |   name  | enabled |
  +----------------------------------+---------+---------+
  | 0ad385e00e97476e9456945c079a21ea |  admin  |   True  |
  | 43af7b7c0dbc40bd90d03cc08df201ce | service |   True  |
  | d9481c57a11c46eea62886938b5378a7 | tenant1 |   True  |
  | bf4fbb928d574829855ebfd9e5d0e58c | tenant2 |   True  |
  +----------------------------------+---------+---------+
   
  ==============================================

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1338885/+subscriptions


Follow ups

References