neutron/releasenotes/notes/show-all-security-group-rules-for-security-group-owner-6635dd3e4c6ab5ee.yaml
Slawek Kaplonski a6b55d760b List SG rules which belongs to tenant's SG
In case when user's security group contains rules created e.g.
by admin, and such rules has got admin's tenant as tenant_id,
owner of security group should be able to see those rules.
Some time ago this was addressed for request:

GET /v2.0/security-groups/<sec_group_id>

But it is also required to behave in same way for

GET /v2.0/security-group-rules

So this patch fixes this behaviour for listing of security
group rules.
To achieve that this patch also adds new policy rule:
ADMIN_OWNER_OR_SG_OWNER which is similar to already existing
ADMIN_OWNER_OR_NETWORK_OWNER used e.g. for listing or creating
ports.

Change-Id: I09114712582d2d38d14cf1683b87a8ce3a8e8c3c
Closes-Bug: #1824248
2019-12-04 20:44:05 +00:00

7 lines
244 B
YAML

---
fixes:
- |
Owners of security groups now see all security group rules which belong to
the security group, even if the rule was created by the admin user.
Fixes bug `1824248 <https://bugs.launchpad.net/neutron/+bug/1824248>`_.