58701be615
os-ips API policy is default to admin_or_owner[1] but API
is allowed for everyone.
We can see the test trying with other project context can access the API
- https://review.opendev.org/#/c/715477
This is because API does not pass the server project_id in policy target[2]
and if no target is passed then, policy.py add the default targets which is
nothing but context.project_id (allow for everyone who try to access)[3]
This commit fix this policy by passing the server's project_id in policy
target.
Closes-bug: #1869396
[1]
|
||
---|---|---|
.. | ||
metadata | ||
openstack | ||
validation | ||
__init__.py | ||
auth.py | ||
compute_req_id.py | ||
wsgi.py |