openstack
/
barbican
Code Issues Proposed changes
barbican/barbican/api/controllers
History
Douglas Mendizábal 93c5636f9c Fix policy for Orders 
This patch adds checks to make sure that the project_id of the token
matches the project_id that owns the Order.

Currently, having a role on any project will allow the request to be
processed, which results in a 404 - Not Found instead of 401 -
Forbidden.

Change-Id: Ie0e6f6edae40e47d45afbe92fd509032cb091b1a
(cherry picked from commit 5d81a3c453)
(cherry picked from commit 382b5086a2)
(cherry picked from commit ea7451e32c)
(cherry picked from commit 85b9feecd2)
 		2021-12-14 19:40:42 +00:00
..
__init__.py Fix secret metadata access rules 2021-11-02 16:22:40 +00:00
acls.py Using dict.items() is better than six.iteritems(dict) 2016-01-21 19:56:54 +08:00
consumers.py Merge "Add Secret Consumer Controllers and their tests" 2020-01-17 15:12:34 +00:00
containers.py Fix RBAC and ACL access for managing secret containers 2021-10-28 13:39:29 +00:00
orders.py Fix policy for Orders 2021-12-14 19:40:42 +00:00
quotas.py Dejokerizes 404 logs. 2019-11-12 16:27:32 +01:00
secretmeta.py Fix secret metadata access rules 2021-11-02 16:22:40 +00:00
secrets.py Fix secret metadata access rules 2021-11-02 16:22:40 +00:00
secretstores.py Remove translations for debug level log 2016-11-03 10:21:21 +08:00
transportkeys.py Remove translation of log messages 2017-06-03 10:18:55 +07:00
versions.py Remove Certificate Orders and CAs from API 2017-12-13 10:40:28 +07:00