OpenStack Compute (nova)

Add whitelist for filter and sort query parameters for server list API (partial)

Registered by Zhenyu Zheng

According newton summit and the newton mid-cycle discussions, we are planning to strict
the filter and sort query parameters for server list API, this was previously
tracked as a bug:
https://bugs.launchpad.net/nova/+bug/1609039, after several discussion in Ocata design
summit and Nova-API IRC meetings, we decided to track this using BP.

In this Blueprint, a mechanism will be added to strict the query parameters (including sort_key, filter, marker) for Server List API for both non-admin and admin users.

This will be done by adding parameter whitelists for non-admin and admin users,
the query parameters for non-admin users will be limited to fields that have
index in DB(new indexes will be added if needed).

Blueprint information

Status:
Complete
Approver:
Matt Riedemann
Priority:
High
Drafter:
Zhenyu Zheng
Direction:
Approved
Assignee:
Zhenyu Zheng
Definition:
Approved
Series goal:
Accepted for ocata
Implementation:
Implemented
Milestone target:
milestone icon ocata-3
Started by
Matt Riedemann
Completed by
Matt Riedemann

Related branches

Sprints

Whiteboard

Gerrit topic: https://review.openstack.org/#q,topic:bp/add-whitelist-for-server-list-filter-sort-parameters,n,z

Addressed by: https://review.openstack.org/#/c/393205/ Add whitelist for filter and sort query parameters for server list API

Addressed by: https://review.openstack.org/393205
    Add whitelist for filter and sort query parameters for server list API

Addressed by: https://review.openstack.org/398755
    Use JSON-Schema to validate query parameters for keypairs API

Addressed by: https://review.openstack.org/389003
    Adds support for versioned schema validation for query parameters

Addressed by: https://review.openstack.org/408571
    Add query parameter schema for server list/detail in microversion 2.1

Addressed by: https://review.openstack.org/408999
    Add index on instances table across vm_state, task_state & project_id

Addressed by: https://review.openstack.org/409400
    Add indexes for created_at, image, flavor on instances table

Addressed by: https://review.openstack.org/415142
    Add sort_key white list for server list/detail

Addressed by: https://review.openstack.org/415330
    [WIP]Add new policy for server list/detail with all_tenants

Gerrit topic: https://review.openstack.org/#q,topic:bug/1653899,n,z

Addressed by: https://review.openstack.org/420494
    Strict pattern match query parameters

Addressed by: https://review.openstack.org/421760
    Add release note and docs for filter/sort whitelist

Addressed by: https://review.openstack.org/425533
    Few updates on server filter/sort spec

Addressed by: https://review.openstack.org/426128
    Make policy 'all_tenants_visible' a soft enforcement rule

Addressed by: https://review.openstack.org/427978
    Add release note for filter/sort whitelist

Addressed by: https://review.openstack.org/428285
    Add release note for filter/sort whitelist

I've marked this partially completed for the Ocata release. We still have the policy changes to make for all_tenants_visible, but let's work on those in Pike under a new blueprint (which we might want to rename so it's more specific to the policy changes). -- mriedem 20170203

(?)

Work Items

Dependency tree

* Blueprints in grey have been implemented.

Nearby

This blueprint contains Public information 
Everyone can see this information.
Edit subscription

Subscribers

No subscribers.