yatinkarel
0c2af0f6e7
Currently while updating 'qos_policy_id', authorization policies are not enforced and as a result it can be set or unset over port/network/fip by an unauthorized user. This patch fixes it by setting 'enforce_policy' to True for this attribute for Floating IP, for port and network it's fixed in neutron-lib[1]. This patch is only for stable releases as for releases since Yoga this is fixed in neutron-lib[2] itself. [1] https://review.opendev.org/q/Ieee1ca092e572ad4696105962fbc6de675454657 [2] https://review.opendev.org/c/openstack/neutron-lib/+/825088 Closes-Bug: #1957175 Change-Id: Ie0660e5e89e45c00b79464368ba337d27a824714