yahoo-eng-team team mailing list archive

[Thai Tran <tqtran@xxxxxxxxxx>]

Public bug reported:

Policy check today returns a JSON object containing an allowed flag that
can either be true or false. This requires that we check the response
object for the flag. It should instead just return a 204 for allowed, or
a 406 for not allowed (401 is already taken for unauthorized - which
redirects a user to the logout screen). This is undesirable since we may
want to hide content but not kick the user out.

We have future plans to batch policy checks and cache them, but for now,
the plan is for check to do a singular policy check that expects a
boolean. This is also more inline with the plans we have for hz-if-
policies directive.

** Affects: horizon
     Importance: Medium
         Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Dashboard (Horizon).
https://bugs.launchpad.net/bugs/1489669

Title:
  Policy check returns HTTP status instead of JSON

Status in OpenStack Dashboard (Horizon):
  New

Bug description:
  Policy check today returns a JSON object containing an allowed flag
  that can either be true or false. This requires that we check the
  response object for the flag. It should instead just return a 204 for
  allowed, or a 406 for not allowed (401 is already taken for
  unauthorized - which redirects a user to the logout screen). This is
  undesirable since we may want to hide content but not kick the user
  out.

  We have future plans to batch policy checks and cache them, but for
  now, the plan is for check to do a singular policy check that expects
  a boolean. This is also more inline with the plans we have for hz-if-
  policies directive.

To manage notifications about this bug go to:
https://bugs.launchpad.net/horizon/+bug/1489669/+subscriptions