Core REST API methods should have policy checks

Registered by Christopher Yeoh on 2013-11-18

Some of the old V2 API core methods do not have policy checks associated with them. Policy checks should be added

Blueprint information

Status:
Started
Approver:
Russell Bryant
Priority:
Undefined
Drafter:
None
Direction:
Needs approval
Assignee:
Christopher Yeoh
Definition:
Drafting
Series goal:
None
Implementation:
Needs Code Review
Milestone target:
None
Started by
Russell Bryant on 2014-01-13

Related branches

Sprints

Whiteboard

[Alex Xu]:
Use ''compute:v3:servers:xxx" for v3

Working list, https://etherpad.openstack.org/p/CoreMissPolicy

Gerrit topic: https://review.openstack.org/#q,topic:bp/v3-api-policy,n,z

Addressed by: https://review.openstack.org/62567
    Add policy check for server's delete in v2 api

Addressed by: https://review.openstack.org/62568
    Add policy check for server's delete in v3 api

Addressed by: https://review.openstack.org/62826
    Add core_authorizer that using 'compute:' as the scope of core api in v3

Gerrit topic: https://review.openstack.org/#q,topic:bp/v3-api-core-policy,n,z

Addressed by: https://review.openstack.org/63063
    Add policy check for server's start/stop in v3 api

v3 API patches have been deferred to Juno --russellb

Unapproved - please re-submit via nova-spec --johnthetubagy (20th March 2014)

Removed from next, as next is now reserved for near misses from the last milestone --johnthetubaguy[Alex Xu]:
Use ''compute:v3:servers:xxx" for v3

Working list, https://etherpad.openstack.org/p/CoreMissPolicy

Gerrit topic: https://review.openstack.org/#q,topic:bp/v3-api-policy,n,z

Addressed by: https://review.openstack.org/62567
    Add policy check for server's delete in v2 api

Addressed by: https://review.openstack.org/62568
    Add policy check for server's delete in v3 api

Addressed by: https://review.openstack.org/62826
    Add core_authorizer that using 'compute:' as the scope of core api in v3

Gerrit topic: https://review.openstack.org/#q,topic:bp/v3-api-core-policy,n,z

Addressed by: https://review.openstack.org/63063
    Add policy check for server's start/stop in v3 api

v3 API patches have been deferred to Juno --russellb

Unapproved - please re-submit via nova-spec --johnthetubagy (20th March 2014)

Removed from next, as next is now reserved for near misses from the last milestone --johnthetubaguy

Marking this blueprint as definition: Drafting. If you are still working on this, please re-submit via nova-specs. If not, please mark as obsolete, and add a quick comment to describe why. --johnthetubaguy (20th April 2014)

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.