yahoo-eng-team team mailing list archive

[Numan Siddique <nusiddiq@xxxxxxxxxx>]

Public bug reported:

Policies defined for the neutron extension resource attributes are not
enforced.

In the case of address scopes, even though the policy.json has  the
below rules, neutron is allowing the tenant user to create a shared
address scope.

"create_subnetpool": "",
"create_subnetpool:shared": "rule:admin_only"

** Affects: neutron
     Importance: Undecided
     Assignee: Numan Siddique (numansiddique)
         Status: In Progress

** Changed in: neutron
     Assignee: (unassigned) => Numan Siddique (numansiddique)

** Changed in: neutron
       Status: New => In Progress

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1471787

Title:
  policies defined for the neutron extension resource attributes are not
  enforced

Status in OpenStack Neutron (virtual network service):
  In Progress

Bug description:
  Policies defined for the neutron extension resource attributes are not
  enforced.

  In the case of address scopes, even though the policy.json has  the
  below rules, neutron is allowing the tenant user to create a shared
  address scope.

  "create_subnetpool": "",
  "create_subnetpool:shared": "rule:admin_only"

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1471787/+subscriptions