openstack
/
neutron
Code Issues Proposed changes
neutron/neutron/tests/functional/pecan_wsgi
History
Slawek Kaplonski 60bc6c7a99 [API] Return 403 for POST requests when user is not authorized 
In the policy_enforcement module if policy.enforce() will raise
PolicyNotAuthorized exception, there is additional check if user is
trying to modify own or someone else resource. In case when user is not
allowed to show resource even, error 404 is raised to "hide" any
information about requested resource.
But that was also the case for POST (create resource) requests and 404
error when user is trying e.g. create network is confusing.
So this patch modifies that logic and in case of "create_" actions it
will return 403 if user was not authorized to do such operation.

Closes-Bug: #1965294
Change-Id: I80b0616c335134a564361137b2a00ff86dcbdf1c
 		2022-04-11 10:51:26 +00:00
..
__init__.py Remove references to unittest2 library 2020-01-14 09:03:26 +00:00
config.py Rename 'newapi' to 'pecan_wsgi' 2015-09-02 15:53:34 +00:00
test_controllers.py Replace "tenant_id" with "project_id" in Quota engine 2021-09-22 08:27:10 +00:00
test_functional.py Complete removal of dependency on the "mock" package 2020-05-01 12:05:34 -04:00
test_hooks.py [API] Return 403 for POST requests when user is not authorized 2022-04-11 10:51:26 +00:00
utils.py Use constant IP_VERSION_4/6 in functional tests 2018-08-27 21:45:56 +00:00