Merge "Enforce policy checks getting share-type by name" into stable/rocky
This commit is contained in:
commit
93df7fb072
|
@ -347,7 +347,8 @@ class ShareMixin(object):
|
||||||
else:
|
else:
|
||||||
share_type = share_types.get_share_type(
|
share_type = share_types.get_share_type(
|
||||||
context, req_share_type)
|
context, req_share_type)
|
||||||
except exception.ShareTypeNotFound:
|
except (exception.ShareTypeNotFound,
|
||||||
|
exception.ShareTypeNotFoundByName):
|
||||||
msg = _("Share type not found.")
|
msg = _("Share type not found.")
|
||||||
raise exc.HTTPNotFound(explanation=msg)
|
raise exc.HTTPNotFound(explanation=msg)
|
||||||
elif not snapshot:
|
elif not snapshot:
|
||||||
|
|
|
@ -3938,8 +3938,7 @@ def share_type_get(context, id, inactive=False, expected_fields=None):
|
||||||
|
|
||||||
|
|
||||||
def _share_type_get_by_name(context, name, session=None):
|
def _share_type_get_by_name(context, name, session=None):
|
||||||
result = (model_query(context, models.ShareTypes, session=session).
|
result = (_share_type_get_query(context, session=session).
|
||||||
options(joinedload('extra_specs')).
|
|
||||||
filter_by(name=name).
|
filter_by(name=name).
|
||||||
first())
|
first())
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,8 @@
|
||||||
|
---
|
||||||
|
fixes:
|
||||||
|
- |
|
||||||
|
Fixed `launchpad bug #1885956 <https://bugs.launchpad.net/manila/+bug/1885956>`_
|
||||||
|
by ensuring that policy checks are enforced when looking up a share-type
|
||||||
|
by name. This prevents a problem where shares could be stuck in CREATING
|
||||||
|
status when a user attempts to create a share using the name of a private
|
||||||
|
share-type to which the user lacks access.
|
Loading…
Reference in New Issue