← Back to team overview

yahoo-eng-team team mailing list archive

[Bug 1485940] Re: non-admin user get error code "500" if he tries to deactivate the image hosted by admin which have visibility "public"

 

** Changed in: glance
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Glance.
https://bugs.launchpad.net/bugs/1485940

Title:
  non-admin user  get error code "500"  if he  tries to deactivate the
  image hosted by admin which have visibility "public"

Status in Glance:
  Fix Released
Status in Glance kilo series:
  In Progress
Status in Glance liberty series:
  In Progress

Bug description:
  Description:
  non-admin user  get error code "500"  if he  tries to deactivate the image hosted by admin which have visibility "public" which is not user friendly it should raise response 403 forbidden.

  Steps:
  scenario was tested using tempest.
  1. image was uploaded by admin user with visibility "public" using api.
  2. deactivate request was generated by non-admin user using api.
  3. In response header "500" was received.

  Expected:
  1. even if non-admin user is not allowed to deactivate image uploaded by admin user having visibility "public", response should contain "403 forbidden" to give meaning full information to user that he is not authorized to perform this act.

To manage notifications about this bug go to:
https://bugs.launchpad.net/glance/+bug/1485940/+subscriptions


References