yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1429126] Re: miss moving unlock_override policy enforcement into V2.1 REST API layer

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Thierry Carrez <thierry.carrez+lp@xxxxxxxxx>
Date: Wed, 24 Jun 2015 12:20:28 -0000
Reply-to: Bug 1429126 <1429126@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Changed in: nova
       Status: Fix Committed => Fix Released

** Changed in: nova
    Milestone: None => liberty-1

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1429126

Title:
  miss moving unlock_override policy enforcement into V2.1 REST API
  layer

Status in OpenStack Compute (Nova):
  Fix Released
Status in OpenStack Security Advisories:
  Won't Fix

Bug description:
  Commit 01be083 misses unlock_override policy check in V2.1 REST API
  layer.

  The V2.1 REST API can always call this policy check, for this is no
  skip_policy_check coniditon in underlying layer.

    But for V2.1 API, we should not check any policy in underlying layer.
    This is the principle of V2.1 API policy. https://blueprints.launchpad.net/openstack/?searchtext=v3-api-policy
    https://review.openstack.org/#/c/147782/ has cleaned it. But it miss this one.

To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1429126/+subscriptions