openstack
/
magnum
Code Issues Proposed changes
magnum/magnum/common
History
Johannes Grassler f895b2bd09 Fix global stack list in periodic task 
The periodic task unneccessarily lists Heat stacks in the
global tenant (across all tenants) which the Magnum service
user may lack permission for. Also, the most restrictive way
to let it use global stack-list is chose a Keystone role and
open that operation to any user in any project holding that
role.

This commit substitutes a direct lookup of all bays' stack_id
attributes for this global stack list. This direct lookup will
yield the same net result. In order to get the neccessary
permissions it will use each bay's stored Keystone trust to
act on behalf of the bay's creating user.

Co-Authored-By: Jiri Suchomel <jiri.suchomel@suse.com>
Closes-Bug: #1589955
Change-Id: I67b176c137c463e37e037970cc4e468d51db30c9
 		2016-07-27 10:11:51 +02:00
..
cert_manager Remove unused LOG to keep code clean 2016-07-13 01:47:12 +00:00
x509 Make 'signing csr' accept Unicode CA Private key 2016-06-21 10:55:23 +09:00
__init__.py Create a ReST API entrypoint 2014-11-18 14:01:20 -07:00
clients.py Pass some common cert related arguments to clients 2016-06-27 17:48:16 +00:00
config.py Moved CORS middleware configuration into oslo-config-generator 2016-03-09 13:02:07 -08:00
context.py Fix global stack list in periodic task 2016-07-27 10:11:51 +02:00
docker_utils.py Use oslo_utils.uuidutils support 2016-05-25 21:07:40 +02:00
exception.py Fix the permission of these files -rwxr-xr-x 2016-07-20 22:55:38 +00:00
k8s_manifest.py Fix H405 and E131 ignored pep8 rules 2015-09-23 12:21:09 +01:00
keystone.py Fix global stack list in periodic task 2016-07-27 10:11:51 +02:00
name_generator.py Auto generate Bay/BayModel name 2016-06-17 19:02:55 +08:00
paths.py Remove imports from oslo namespaces 2015-02-08 02:59:30 +00:00
policy.py Remove unused LOG to keep code clean 2016-07-13 01:47:12 +00:00
rpc.py Update Magnum service name and description 2016-05-23 15:59:16 -05:00
rpc_service.py Fix global stack list in periodic task 2016-07-27 10:11:51 +02:00
safe_utils.py Trivial: Remove vim header in source files 2015-12-30 09:44:13 -05:00
service.py Moved CORS middleware configuration into oslo-config-generator 2016-03-09 13:02:07 -08:00
short_id.py Convert bytes to string in get_id for python3 compatibility 2016-02-29 14:34:01 +08:00
urlfetch.py Add i18n support for some ERROR message 2016-07-17 20:55:49 +08:00
utils.py Remove redundant utils code 2016-05-27 10:50:26 +01:00
yamlutils.py Add i18n support for some ERROR message 2016-07-17 20:55:49 +08:00