58701be615
os-ips API policy is default to admin_or_owner[1] but API
is allowed for everyone.
We can see the test trying with other project context can access the API
- https://review.opendev.org/#/c/715477
This is because API does not pass the server project_id in policy target[2]
and if no target is passed then, policy.py add the default targets which is
nothing but context.project_id (allow for everyone who try to access)[3]
This commit fix this policy by passing the server's project_id in policy
target.
Closes-bug: #1869396
[1]
|
||
---|---|---|
.. | ||
compute | ||
__init__.py | ||
common.py | ||
fakes.py | ||
test_api_version_request.py | ||
test_auth.py | ||
test_common.py | ||
test_faults.py | ||
test_legacy_v2_compatible_wrapper.py | ||
test_mapper.py | ||
test_requestlog.py | ||
test_wsgi.py |