yahoo-eng-team team mailing list archive

[OpenStack Infra <1714388@xxxxxxxxxxxxxxxxxx>]

Reviewed:  https://review.openstack.org/499433
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=fe8107a8179deca093463bbc95b6ba8b54915bf7
Submitter: Jenkins
Branch:    master

commit fe8107a8179deca093463bbc95b6ba8b54915bf7
Author: Kevin Benton <kevin@xxxxxxxxxx>
Date:   Wed Aug 30 20:15:49 2017 -0700

    Pecan: fix logic of hiding authZ failures as 404s
    
    Change [1] altered the behavior of the legacy API controller
    to do the sane thing and return an HTTP 403 instead of a 404
    whenever a user got a policy authorization failure when trying
    to mutate a resource they have the permission to view.
    
    This carries the same logic over to the pecan API.
    
    This also adjusts the logic for GET requests to return 404s
    instead of 403s to match the resource hiding behavior of the
    old controller.
    
    1. I7a5b0a9e89c8a71490dd74497794a52489f46cd2
    
    Closes-Bug: #1714388
    Change-Id: I9e0d288a42bc63c2927bebe9c581b83e6fbe010b


** Changed in: neutron
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1714388

Title:
  Pecan is missing the logic to hide authorization failures as 404s

Status in neutron:
  Fix Released

Bug description:
  The pecan code is missing the logic to translate some of the
  authorization failures into 404s instead of 403's.

  https://github.com/openstack/neutron/blob/8d2c1bd88b14eefbea74c72f384cb9952e7ee62e/neutron/api/v2/base.py#L575-L585

  https://github.com/openstack/neutron/blob/8d2c1bd88b14eefbea74c72f384cb9952e7ee62e/neutron/api/v2/base.py#L389-L393

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1714388/+subscriptions