yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #52950
[Bug 1597233] [NEW] rbac-create should return an duplicated error when use same 'object_id', 'object_type' and 'target_tenant'
Public bug reported:
RBAC entry should be unique by combination of 'object_id','object_type' and 'target_tenant'.
But in fact, if we only change the 'action' value, we can get another entry with same 'object_id','object_type' and 'target_tenant'.
the process is:
[root@localhost devstack]# neutron rbac-create a539e28b-5e6c-4436-b44f-e1f966b6a6a4 --type network --target_tenant tenant_id --action access_as_shared
Created a new rbac_policy:
+---------------+--------------------------------------+
| Field | Value |
+---------------+--------------------------------------+
| action | access_as_shared |
| id | 0897f09b-1799-416e-9b5d-99d0e153a1b1 |
| object_id | a539e28b-5e6c-4436-b44f-e1f966b6a6a4 |
| object_type | network |
| target_tenant | tenant_id |
| tenant_id | aced7a29bb134dec82307a880d1cc542 |
+---------------+--------------------------------------+
[root@localhost devstack]# neutron rbac-create a539e28b-5e6c-4436-b44f-e1f966b6a6a4 --type network --target_tenant tenant_id --action access_as_external
Created a new rbac_policy:
+---------------+--------------------------------------+
| Field | Value |
+---------------+--------------------------------------+
| action | access_as_external |
| id | 2c12609e-7878-4161-b533-17b6413bcf0b |
| object_id | a539e28b-5e6c-4436-b44f-e1f966b6a6a4 |
| object_type | network |
| target_tenant | tenant_id |
| tenant_id | aced7a29bb134dec82307a880d1cc542 |
+---------------+--------------------------------------+
[root@localhost devstack]#
** Affects: neutron
Importance: Undecided
Assignee: JianGang Weng (weng-jiangang)
Status: New
** Changed in: neutron
Assignee: (unassigned) => JianGang Weng (weng-jiangang)
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1597233
Title:
rbac-create should return an duplicated error when use same
'object_id','object_type' and 'target_tenant'
Status in neutron:
New
Bug description:
RBAC entry should be unique by combination of 'object_id','object_type' and 'target_tenant'.
But in fact, if we only change the 'action' value, we can get another entry with same 'object_id','object_type' and 'target_tenant'.
the process is:
[root@localhost devstack]# neutron rbac-create a539e28b-5e6c-4436-b44f-e1f966b6a6a4 --type network --target_tenant tenant_id --action access_as_shared
Created a new rbac_policy:
+---------------+--------------------------------------+
| Field | Value |
+---------------+--------------------------------------+
| action | access_as_shared |
| id | 0897f09b-1799-416e-9b5d-99d0e153a1b1 |
| object_id | a539e28b-5e6c-4436-b44f-e1f966b6a6a4 |
| object_type | network |
| target_tenant | tenant_id |
| tenant_id | aced7a29bb134dec82307a880d1cc542 |
+---------------+--------------------------------------+
[root@localhost devstack]# neutron rbac-create a539e28b-5e6c-4436-b44f-e1f966b6a6a4 --type network --target_tenant tenant_id --action access_as_external
Created a new rbac_policy:
+---------------+--------------------------------------+
| Field | Value |
+---------------+--------------------------------------+
| action | access_as_external |
| id | 2c12609e-7878-4161-b533-17b6413bcf0b |
| object_id | a539e28b-5e6c-4436-b44f-e1f966b6a6a4 |
| object_type | network |
| target_tenant | tenant_id |
| tenant_id | aced7a29bb134dec82307a880d1cc542 |
+---------------+--------------------------------------+
[root@localhost devstack]#
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1597233/+subscriptions
Follow ups
