← Back to team overview

yahoo-eng-team team mailing list archive

[Bug 1429126] Re: miss moving unlock_override policy enforcement into V2.1 REST API layer

 

** Changed in: nova
       Status: Fix Committed => Fix Released

** Changed in: nova
    Milestone: None => liberty-1

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1429126

Title:
  miss moving unlock_override policy enforcement into V2.1 REST API
  layer

Status in OpenStack Compute (Nova):
  Fix Released
Status in OpenStack Security Advisories:
  Won't Fix

Bug description:
  Commit 01be083 misses unlock_override policy check in V2.1 REST API
  layer.

  The V2.1 REST API can always call this policy check, for this is no
  skip_policy_check coniditon in underlying layer.

    But for V2.1 API, we should not check any policy in underlying layer.
    This is the principle of V2.1 API policy. https://blueprints.launchpad.net/openstack/?searchtext=v3-api-policy
    https://review.openstack.org/#/c/147782/ has cleaned it. But it miss this one.

To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1429126/+subscriptions