61b358b6b5
There wasn't policies for get port binding and activate port binding API calls defined at all. When we switched to new default policies and regular user wanted to make call to activate port binding, it was error 500 what we returned instead of proper 4xx error. It was like that as "get_port_binding" call which was done internally during "activate" API request falled back to the default policy which is "admin_or_owner" and as port binding resource don't have project_id, owner couldn't be checked there. Now it has defined S-RBAC policies for those API calls and it is allowed for admin users only to solve that problem. This patch don't define old, deprecated policies for those API calls as it wasn't really needed there and we already switched to new policies by default now. Closes-Bug: #2013326 Change-Id: Id281e4950dc5d7bac62dfa8175d82cb1f8d2e855
OpenStack Neutron
Neutron is an OpenStack project to provide "network connectivity as a service" between interface devices (e.g., vNICs) managed by other OpenStack services (e.g., Nova).
To learn more about neutron:
- Documentation: https://docs.openstack.org/neutron/latest/
- Features: https://specs.openstack.org/openstack/neutron-specs
- Defects: https://launchpad.net/neutron
- Release notes: https://docs.openstack.org/releasenotes/neutron/index.html
- Source: https://opendev.org/openstack/neutron
If you would like to contribute to Neutron, please read the file CONTRIBUTING.rst or see the Neutron contributor guide:
https://docs.openstack.org/neutron/latest/contributor/contributing.html
Get in touch via email. Use [Neutron] in your subject.