yahoo-eng-team team mailing list archive

[Launchpad Bug Tracker <1256215@xxxxxxxxxxxxxxxxxx>]

[Expired for OpenStack Dashboard (Horizon) because there has been no
activity for 60 days.]

** Changed in: horizon
       Status: Incomplete => Expired

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Dashboard (Horizon).
https://bugs.launchpad.net/bugs/1256215

Title:
  Page not redirect success when user get an unauthorized error

Status in OpenStack Dashboard (Horizon):
  Expired

Bug description:
  We want to define that only admin, project admin and instance creator could update/delete/get the instance.
  For the purposes. we define the nova policy as below:

           "project_admin": "project_id:%(project_id)s and role:ProjectAdmin",
           "admin_or_project_admin": "is_admin:True or rule:project_admin",
           "admin_or_user": "rule:admin_or_project_admin or user_id:%(user_id)s",
           "default": "rule:admin_or_user",

  then, we found that if a user want to get detail of an instance which is not belong to him,
  the page will crash, and the traceback is:

      File "/usr/share/openstack-dashboard/openstack_dashboard/wsgi/../../openstack_dashboard/dashboards/project/instances/views.py", line 239, in get_tabs
        instance = self.get_data()
      File "/usr/share/openstack-dashboard/openstack_dashboard/wsgi/../../openstack_dashboard/dashboards/project/instances/views.py", line 235, in get_data
        self._instance = instance
     UnboundLocalError: local variable 'instance' referenced before assignment 

  In the get_data function, we expect there will be an authorization error, and should be catch and redirect to 'horizon:project:instances:index'
  But we found that in the function "exceptions.handle", if the exc_type is "UNAUTHORIZED", it will not handle the redirect parameter

To manage notifications about this bug go to:
https://bugs.launchpad.net/horizon/+bug/1256215/+subscriptions