yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #30322
[Bug 1434916] [NEW] GET /v3/projects/project_id with parents_as_list or subtree_as_list option is leaking extra data
Public bug reported:
According to the spec 'New query params to retrieve the project
hierarchy' [1], GET /v3/projects/project_id?parents_as_list and GET
/v3/projects/project_id?subtree_as_list should only return the projects
in the hierarchy the user has access to.
However, they are always returning the whole project info (id, name,
domain_id, description, enabled) from all parents/subprojects.
[1] https://github.com/openstack/keystone-specs/blob/master/specs/kilo
/project-hierarchy-retrieval.rst
** Affects: keystone
Importance: Undecided
Assignee: Samuel de Medeiros Queiroz (samueldmq)
Status: New
** Changed in: keystone
Assignee: (unassigned) => Samuel de Medeiros Queiroz (samueldmq)
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1434916
Title:
GET /v3/projects/project_id with parents_as_list or subtree_as_list
option is leaking extra data
Status in OpenStack Identity (Keystone):
New
Bug description:
According to the spec 'New query params to retrieve the project
hierarchy' [1], GET /v3/projects/project_id?parents_as_list and GET
/v3/projects/project_id?subtree_as_list should only return the
projects in the hierarchy the user has access to.
However, they are always returning the whole project info (id, name,
domain_id, description, enabled) from all parents/subprojects.
[1] https://github.com/openstack/keystone-specs/blob/master/specs/kilo
/project-hierarchy-retrieval.rst
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1434916/+subscriptions
Follow ups
References