Add is_admin to safe fields list for notifications
We encountered bug 2037312 in unit tests when attempting to get this
change rolled out. Heat apparently will attempt to set is_admin using
policy logic if it's not passed in for a new context; this breaks as the
context we are requested doesn't have all the needed information to
exercise the policy logic.
is_admin is just a bool; it's not sensitive; easiest route forward is to
add it to the safe list
Closes-bug: 2037312
Change-Id: I78b08edfcb8115cddd7de9c6c788c0a57c8218a8
(cherry picked from commit c1b606f77e
)
This commit is contained in:
parent
2a76281e63
commit
29623702fc
|
@ -180,6 +180,10 @@ def _sanitize_context(ctxt):
|
||||||
'domain_id',
|
'domain_id',
|
||||||
'user_domain_id',
|
'user_domain_id',
|
||||||
'project_domain_id',
|
'project_domain_id',
|
||||||
|
# NOTE(JayF): Without is_admin; heat will make a roundtrip to policy
|
||||||
|
# to try to set it to a sane value when instantiating the
|
||||||
|
# replacement context. Instead, just pass it on.
|
||||||
|
'is_admin',
|
||||||
'request_id',
|
'request_id',
|
||||||
'roles',
|
'roles',
|
||||||
'user_name',
|
'user_name',
|
||||||
|
|
Loading…
Reference in New Issue