Glance

Change v2 API behavior when specifying get_image_location policy

Registered by Kairat Kushaev on 2015-10-07

When specifying get_image_location policy with role:admin the other users do not have possibility to list images or observe image details in API v2. Glance raises unauthorized error. It is not convenient for administrators so it is proposed to just exclude locations from server response when a user does not have permissions to observe it.
Moreover, we should have the same approach for the similar cases (need to check tags).

Blueprint information

Status:: Complete

Approver:: None

Priority:: Undefined

Drafter:: Kairat Kushaev

Direction:: Needs approval

Assignee:: Kairat Kushaev

Definition:: Approved

Series goal:: None

Implementation:: Implemented

Milestone target:: mitaka-1

Started by: Brian Rosmaita on 2019-04-01

Completed by: Brian Rosmaita on 2019-04-01

Related branches

Related bugs

Sprints

Whiteboard

Gerrit topic: https://review.openstack.org/#q,topic:bug/1502136,n,z

Addressed by: https://review.openstack.org/233622
Allow image -list if access to attrs is forbidden

(?)

Work Items

This blueprint contains Public information

Everyone can see this information.

Subscribers

No subscribers.