yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #69747
[Bug 1737050] [NEW] No way to allow non admins the ability to filter on attributes such as host
Public bug reported:
We have a special read_only role in keystone and have given that role
the ability to list all instances via the policy rule:
index:get_all_tenants.
It can't however list all instances on a specific host for instance. I'm
not sure if a new policy rule should be added or it should be covered in
the existing rule "index:get_all_tenants"?
The offending code is in nova/api/openstack/compute/servers.py in the
remove_invalid_options method
** Affects: nova
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1737050
Title:
No way to allow non admins the ability to filter on attributes such as
host
Status in OpenStack Compute (nova):
New
Bug description:
We have a special read_only role in keystone and have given that role
the ability to list all instances via the policy rule:
index:get_all_tenants.
It can't however list all instances on a specific host for instance.
I'm not sure if a new policy rule should be added or it should be
covered in the existing rule "index:get_all_tenants"?
The offending code is in nova/api/openstack/compute/servers.py in the
remove_invalid_options method
To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1737050/+subscriptions
Follow ups
