![]() Network owner should be able to get all ports and delete ports on network as policy allowed. But current code fails to support this. Current model query for Port is still based on tenant_id, it forgets to check for network owner when context tenant_id is not port owner. For port_delete action, policy will generate checking rules for port attributes, such as: rule:delete_port:binding:vif_details rule:delete_port:binding:vif_type This doesn't make sense, only single policy rule "rule:delete_port" is enough to check. This patch fixes this issue. Co-Authored-By: Kevin Benton <kevinbenton@buttewifi.com> Change-Id: I55328cb43207654b9bb4cfb732923982d020ab0a Closes-Bug: #1498790 |
||
---|---|---|
.. | ||
__init__.py | ||
attributes.py | ||
base.py | ||
resource.py | ||
resource_helper.py | ||
router.py |