openstack/manila

Go to file

Goutham Pacha Ravi 8ab5ec6b4f [rbac] Pull up policy checks on share/snapshot APIs

RBAC enforcement in manila happens in stages:
1) Does user have access to the API
2) Does user have access to the resource
3) Is user permitted to perform the API action on the resource

If (1) fails, user gets a HTTP 403, if (2) fails,
they get a HTTP 404; if (3) fails, they get a HTTP 403.

More often than not, (2) prevents "existence" detection
of resources that don't belong to the user; except in
case of "public" resources (e.g.: shares can be "public").

In some share API methods, policy checks for (1) are
happening after a bunch of processing. This leads to
some inconsistency.

Fix these occurrences to ensure a consistent user
experience.

Change-Id: I5b1f1ce517efed000f17b1e0901e183a1913ba9f
Related-Bug: #2004230
Signed-off-by: Goutham Pacha Ravi <gouthampravi@gmail.com>
(cherry picked from commit 190876809f)
(cherry picked from commit 318140e250)
(cherry picked from commit 8edaa3254c)
(cherry picked from commit f878e15bca)

2024-02-05 22:05:41 -08:00

Add Share Affinity/Anti-Affinity Scheduler Filters

2021-09-03 08:58:46 +02:00

Set tempest api version config in devstack plugin

2021-12-22 20:12:57 +00:00

Fix manila plugin.sh set backend_availability_zone

2022-10-26 21:40:53 +00:00

[Infinidat] fixed host assisted migration

2023-01-27 10:39:12 +00:00

Add missing [oslo_reports] options

2021-08-21 08:33:47 +00:00

Add mod_wsgi configuration samples

2020-08-11 21:00:54 +00:00

[rbac] Pull up policy checks on share/snapshot APIs

2024-02-05 22:05:41 -08:00

playbooks/manila-tox-genconfig

[victoria][goal] Native Zuulv3 CI jobs

2020-07-28 14:55:14 -07:00

[Rally] fix jobs

2017-03-30 15:12:22 +03:00

Change status and error handling for /shares API

2024-01-17 06:27:34 +00:00

Remove references to sys.version_info

2021-05-28 15:40:54 +08:00

Merge "Remove TripleO job" into stable/xena

2023-04-10 11:45:39 +00:00

.coveragerc

Impove coverage job accuracy

2017-10-25 11:57:46 -04:00

.gitignore

[pylint] Remove lint tox environment

2019-02-19 11:04:03 -08:00

.gitreview

Update .gitreview for stable/xena

2021-09-17 16:23:15 +00:00

.pylintrc

[pylint] Fix/ignore pylint errors in non-test modules

2019-02-25 17:23:15 +00:00

.stestr.conf

tests: replace .testr.conf with .stestr.conf

2017-09-13 07:56:21 -04:00

bindep.txt

[CI] Add bindep.txt

2019-06-24 15:03:51 -07:00

CONTRIBUTING.rst

[cycle-goals] Add PTL and contributor quickstart

2020-04-18 22:29:50 +00:00

HACKING.rst

disable M325

2020-10-14 14:05:30 +08:00

LICENSE

Initialize from cinder

2013-08-08 10:34:06 -04:00

README.rst

Fix URLs in code and documentation

2020-03-18 18:59:27 -07:00

requirements.txt

Drop lower-constraints.txt and its testing

2022-05-03 13:34:43 +00:00

setup.cfg

Add Share Affinity/Anti-Affinity Scheduler Filters

2021-09-03 08:58:46 +02:00

setup.py

Cleanup Python 2.7 support

2020-03-27 16:55:52 +01:00

test-requirements.txt

Update requirements

2020-12-10 19:48:15 -08:00

tox.ini

[stable-only] Pin tox version

2023-01-13 20:18:47 +00:00

README.rst

Team and repository tags

MANILA

You have come across an OpenStack shared file system service. It has identified itself as "Manila." It was abstracted from the Cinder project.

Wiki: https://wiki.openstack.org/wiki/Manila
Developer docs: https://docs.openstack.org/manila/latest/

Getting Started

If you'd like to run from the master branch, you can clone the git repo:

git clone https://opendev.org/openstack/manila

For developer information please see HACKING.rst

You can raise bugs here https://bugs.launchpad.net/manila

Python client

https://opendev.org/openstack/python-manilaclient

Documentation for the project can be found at:

https://docs.openstack.org/manila/latest/

Release notes for the project can be found at:

https://docs.openstack.org/releasenotes/manila/

Source for the project:

https://opendev.org/openstack/manila

Bugs:

https://bugs.launchpad.net/manila

Blueprints:

https://blueprints.launchpad.net/manila

Design specifications are tracked at:

https://specs.openstack.org/openstack/manila-specs/