7d1b81d78f
A user was able to create a LB using a vip_subnet_id from another user
(by passing the UUID).
Now, the vip_subnet_id parameter is validated using the user context,
so an error is returned if the subnet doesn't belong to the user.
I479019a911b5a1acfc1951d1cbbc2a351089cb4d was a previous attempt to fix
that bug but vip_subnet_id check was missing.
Story: 2008586
Task: 41741
Depends-On: https://review.opendev.org/774157
Change-Id: I602418264e171a2b1a926eff0b1f9e6dc186295a
(cherry picked from commit 8d86187c0a)
6 lines
156 B
YAML
6 lines
156 B
YAML
---
|
|
fixes:
|
|
- |
|
|
Fix a bug that allowed a user to create a load balancer on a
|
|
``vip_subnet_id`` that belongs to another user using the subnet UUID.
|