31b34e91e0
Inclusion of a project_id in API URLs is now optional, and no longer required. Removing the project_id requirement facilitates supporting Secure RBAC's notion of system scope, in which an API method is not associated with a specific project. The API v3 routing is enhanced to provide duplicate routes for API methods that traditionally required a project_id in the URL: - The existing route for which a project_id is in the URL - A new route for when the URL does not include a project_id To test both routes and ensure there are no regresssions, the "API samples" functional tests include a project_id in the URLs, and the rest of the functional tests do not include the project_id. This is handled by changing the 'noauth' WSGI middleware to no longer add the project_id, and adding a new 'noauth_include_project_id' middleware filter that implements the legacy behavior. A new microversion V3.67 is introduced, but it only serves to inform clients whether the project_id is optional or required. When an API node supports mv 3.67, the project_id is optional in all API requests, even when the request specifies a earlier microversion. See the spec Ia44f199243be8f862520d7923007e7182b32f67d for more details on this behavior. Note: Much of the groundwork for this is based on manila's patch I5127e150e8a71e621890f30dba6720b3932cf583. DocImpact APIImpact Implements: blueprint project-id-optional-in-urls Change-Id: I3729cbe1902ab4dc335451d13ed921ec236fb8fd
26 lines
1.2 KiB
YAML
26 lines
1.2 KiB
YAML
---
|
|
features:
|
|
- |
|
|
Inclusion of a project_id in API URLs is now optional. The `Block Storage
|
|
API V3 <https://docs.openstack.org/api-ref/block-storage/v3>`_ reference
|
|
guide continues to show URLs with a project_id because the legacy behavior
|
|
continues to be supported.
|
|
|
|
A new API microversion V3.67 is introduced to inform clients when
|
|
inclusion of a project_id in API URLs is optional. The V3.67 microversion
|
|
is only used as an indicator that the API accepts a URL without a
|
|
project_id, and this applies to all requests regardless of the
|
|
microversion in the request. For example, an API node serving V3.67 or
|
|
greater will accept a URL without a project_id even if the request asks
|
|
for V3.0. Likewise, it will accept a URL containing a project_id even if
|
|
the request asks for V3.67.
|
|
upgrade:
|
|
- |
|
|
Upgrades are not affected by the new functionality whereby a project_id
|
|
is no longer required in API URLs. The legacy behavior in which a
|
|
project_id is included in the URL continues to be supported.
|
|
|
|
Detection of whether a URL includes a project_id is based on the value of
|
|
a new ``project_id_regex`` option. The default value matches UUIDs
|
|
created by keystone.
|