55edb00cc1
When a user has access to the APIs to reset status, task state or replica state but doesn't have access to the share, they must be prevented from performing those actions. This enforcement allows granular control of these actions and the resources themselves.

Change-Id: Ic3be777b238a467d1b7bd1daa6aa088dedb095b0
Closes-Bug: #1955627
Signed-off-by: Goutham Pacha Ravi <gouthampravi@gmail.com>
9 lines
400 B
YAML
---
fixes:
- |
Role based access control is enforced on the POST /shares/{share_id}/action
API to reset status, task state, replica state and similar fields. This
prevents the situation where deployments allow some users access to
these APIs, but they don't belong to projects where the resources exist.
See `bug 1955627 <https://launchpad.net/bugs/1955627>`_ for more context.
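Review bot: the entry is filed only under `fixes:`, although what it describes is an authorization gap (users with access to the reset APIs acting on shares in projects they don't belong to); if the release-note tooling offers a `security:` section, add an entry there too so operators scanning for security-relevant changes see it. The wording "reset status, task state, replica state and similar fields" is also open-ended: listing the affected actions explicitly would tell deployers which policy rules to re-check after upgrading.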