openstack/nova
Code Issues Proposed changes

Removes unnecessary check for admin context in evacuate.

Browse Source 
Fix for bug 1177413

Change-Id: Ia293d0b55e30e57e1b4340d2bd423fac82902ced
This commit is contained in:
Kravchenko Pavel 2013-05-08 18:12:35 +03:00
parent d016c55587
commit 502b672376
3 changed files with 17 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
nova/api/openstack/compute/contrib/evacuate.py
View File

@ -39,9 +39,6 @@ class Controller(wsgi.Controller):
to a new one.
"""
context = req.environ["nova.context"]
if not context.is_admin:
msg = _("Instance evacuate is admin only functionality")
raise exc.HTTPForbidden(explanation=msg)
authorize(context)
try:

16
nova/tests/api/openstack/compute/contrib/test_evacuate.py
View File

@ -180,3 +180,19 @@ class EvacuateTest(test.TestCase):
res = req.get_response(app)
self.assertEqual(res.status_int, 200)
def test_not_admin(self):
ctxt = context.RequestContext('fake', 'fake', is_admin=False)
app = fakes.wsgi_app(fake_auth_context=ctxt)
uuid = self.UUID
req = webob.Request.blank('/v2/fake/servers/%s/action' % uuid)
req.method = 'POST'
req.body = jsonutils.dumps({
'evacuate': {
'host': 'my_host',
'onSharedStorage': 'True',
}
})
req.content_type = 'application/json'
res = req.get_response(app)
self.assertEqual(res.status_int, 403)

2
nova/tests/fake_policy.py
View File

@ -119,7 +119,7 @@ policy_data = """
"compute_extension:createserverext": "",
"compute_extension:deferred_delete": "",
"compute_extension:disk_config": "",
"compute_extension:evacuate": "",
"compute_extension:evacuate": "is_admin:True",
"compute_extension:extended_server_attributes": "",
"compute_extension:extended_status": "",
"compute_extension:extended_availability_zone": "",