yahoo-eng-team team mailing list archive

[Hong Hui Xiao <xiaohhui@xxxxxxxxxx>]

*** This bug is a duplicate of bug 1352907 ***
    https://bugs.launchpad.net/bugs/1352907

More thinking about this bug. The inconsistency might be designed to be
this way according to the tempest. Allow user to create a basic
connection between router and external network, however, let admin to do
other things.

The original bug in the description is resolved by Bug #1352907, so mark
duplicated with it.

** This bug has been marked a duplicate of bug 1352907
   response of normal user update the "shared" property of network

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1296953

Title:
  --disable-snat on tenant router raises 404

Status in neutron:
  In Progress

Bug description:
  arosen@arosen-desktop:~/devstack$ neutron router-create aaa
  nCreated a new router:
  +-----------------------+--------------------------------------+
  | Field                 | Value                                |
  +-----------------------+--------------------------------------+
  | admin_state_up        | True                                 |
  | distributed           | False                                |
  | external_gateway_info |                                      |
  | id                    | add4d46b-5036-4a96-af7e-8ceb44f9ab3d |
  | name                  | aaa                                  |
  | routes                |                                      |
  | status                | ACTIVE                               |
  | tenant_id             | 4ec9de7eae7445719e8f67f2f9d78aae     |
  +-----------------------+--------------------------------------+
  arosen@arosen-desktop:~/devstack$ neutron router-gateway-set --disable-snat  aaa public 
  The resource could not be found.

  
  2014-03-24 14:06:12.444 DEBUG neutron.policy [req-19762248-9964-4ad3-9ce9-de68d4cc4e49 demo 4ec9de7eae7445719e8f67f2f9d78aae] Failed policy check for 'update_router' from (pid=7068) enforce /opt/stack/neutron/neutron/policy.py:381
  2014-03-24 14:06:12.444 ERROR neutron.api.v2.resource [req-19762248-9964-4ad3-9ce9-de68d4cc4e49 demo 4ec9de7eae7445719e8f67f2f9d78aae] update failed
  2014-03-24 14:06:12.444 TRACE neutron.api.v2.resource Traceback (most recent call last):
  2014-03-24 14:06:12.444 TRACE neutron.api.v2.resource   File "/opt/stack/neutron/neutron/api/v2/resource.py", line 87, in resource
  2014-03-24 14:06:12.444 TRACE neutron.api.v2.resource     result = method(request=request, **args)
  2014-03-24 14:06:12.444 TRACE neutron.api.v2.resource   File "/opt/stack/neutron/neutron/api/v2/base.py", line 494, in update
  2014-03-24 14:06:12.444 TRACE neutron.api.v2.resource     raise webob.exc.HTTPNotFound(msg)
  2014-03-24 14:06:12.444 TRACE neutron.api.v2.resource HTTPNotFound: The resource could not be found.
  2014-03-24 14:06:12.444 TRACE neutron.api.v2.resource 
  2014-03-24 14:06:12.445 INFO neutron.wsgi [req-19762248-9964-4ad3-9ce9-de68d4cc4e49 demo 4ec9de7eae7445719e8f67f2f9d78aae] 10.24.114.91 - - [24/Mar/2014 14:06:12] "PUT /v2.0/routers/add4d46b-5036-4a96-af7e-8ceb44f9ab3d.json HTTP/1.1" 404 248 0.039626


  In the code we do:

          try:    
              policy.enforce(request.context,                                
                             action,
                             orig_obj)
          except exceptions.PolicyNotAuthorized:
              # To avoid giving away information, pretend that it        
              # doesn't exist                                        
              msg = _('The resource could not be found.')
              raise webob.exc.HTTPNotFound(msg)               
                                            

  it would be nice if we were smarter about this an raise not authorized
  instead of not found.

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1296953/+subscriptions