yahoo-eng-team team mailing list archive

[OpenStack Infra <1618513@xxxxxxxxxxxxxxxxxx>]

Reviewed:  https://review.openstack.org/386008
Committed: https://git.openstack.org/cgit/openstack/nova/commit/?id=dcc2934921c5b2770878eee5afd088a1a8dbf645
Submitter: Jenkins
Branch:    master

commit dcc2934921c5b2770878eee5afd088a1a8dbf645
Author: Andrey Volkov <avolkov@xxxxxxxxxxxx>
Date:   Thu Oct 13 17:19:28 2016 +0300

    Change default policy to view quota details
    
    Default policy for quota details was an admin only privilege
    but it was able to get used and reserved resource data via
    nova limits call even for non admin owners.
    
    Horizon worked around the issue by using the limits API instead of the
    os-quota-sets API. And this removes the need to workaround it and just
    use the single os-quota-sets API.
    
    This patch sets the quotas detail default policy to RULE_ADMIN_OR_OWNER.
    
    Change-Id: I65b9de24a1310079a67e033606eaf2dde796cd48
    Closes-Bug: #1618513


** Changed in: nova
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1618513

Title:
  nova quota policy with details seems broken

Status in OpenStack Compute (nova):
  Fix Released

Bug description:
  The default policy for this call:

  novaclient(request).quotas.get(tenant_id, detail=True)

  fails unless I am an admin type user.   This doesn't seem to make
  sense, as an _member_ type user, I can still find all the details just
  the same.   This just makes user do many more calls and calculations
  to work around this.

  The default policy file should be that if you are the member of the
  project, you can see the details if you want.

To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1618513/+subscriptions