Barbican

Post of unsupported parameters in ACL succeeds

  1. Series kilo
  2. Bug #1447872
Bug #1447872 reported by Dave McCowan
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Barbican
Fix Released
Medium
Dave McCowan
Barbican 1.0.0 "liberty"
Kilo
Fix Committed
Medium
Douglas Mendizábal

Bug Description

The following ACL can be applied to a secret or container successfully.

{'read': {'users': ['reader'], 'creator-only': False},
  'write': {'users': ['writer'], 'creator-only': False},
   'list': {'users': ['lister'], 'creator-only': False}}

A white-list for write, list, and delete are not currently supported, but the server allows this ACL to be applied.
The validator should reject unsupported options.

Dave McCowan (dave-mccowan)
Changed in barbican:
assignee: nobody → Dave McCowan (dave-mccowan)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to barbican (master)

Fix proposed to branch: master
Review: https://review.openstack.org/177454

Changed in barbican:
status: New → In Progress
Douglas Mendizábal (dougmendizabal)
Changed in barbican:
importance: Undecided → Medium
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to barbican (master)

Reviewed: https://review.openstack.org/177454
Committed: https://git.openstack.org/cgit/openstack/barbican/commit/?id=1fa86f707e0b4b5923268fb34c87026d390e0eef
Submitter: Jenkins
Branch: master

commit 1fa86f707e0b4b5923268fb34c87026d390e0eef
Author: Dave McCowan <email address hidden>
Date: Fri Apr 24 15:32:48 2015 -0400

    Remove Future Parameters (write, list, delete) from ACL Validation Schema

    Updated the validation schema for ACLs.
      - Removed write, list, and delete operations since they are not yet supported.
      - Added line for no additional properties other than "users" and "creator_only"
      - Added unit tests covering all of these and other conditions.
      - Updated unit tests to limit to "read" ACLs
      - Removed unit tests covering cases with more than one operation

    Change-Id: Ie8a3abd22d02bb4a7bbedad373efa7435f3bdb3b
    Closes-Bug: #1447872

Changed in barbican:
status: In Progress → Fix Committed
Douglas Mendizábal (dougmendizabal)
Changed in barbican:
milestone: none → liberty-1
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to barbican (stable/kilo)

Fix proposed to branch: stable/kilo
Review: https://review.openstack.org/192398

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to barbican (stable/kilo)

Reviewed: https://review.openstack.org/192398
Committed: https://git.openstack.org/cgit/openstack/barbican/commit/?id=d0a5ac2c8042de6eeddd35b8870c01eeead478c0
Submitter: Jenkins
Branch: stable/kilo

commit d0a5ac2c8042de6eeddd35b8870c01eeead478c0
Author: Dave McCowan <email address hidden>
Date: Fri Apr 24 15:32:48 2015 -0400

    Remove Future Parameters (write, list, delete) from ACL Validation Schema

    Updated the validation schema for ACLs.
      - Removed write, list, and delete operations since they are not yet supported.
      - Added line for no additional properties other than "users" and "creator_only"
      - Added unit tests covering all of these and other conditions.
      - Updated unit tests to limit to "read" ACLs
      - Removed unit tests covering cases with more than one operation

    Change-Id: Ie8a3abd22d02bb4a7bbedad373efa7435f3bdb3b
    Closes-Bug: #1447872
    (cherry picked from commit 1fa86f707e0b4b5923268fb34c87026d390e0eef)

Doug Hellmann (doug-hellmann)
Changed in barbican:
status: Fix Committed → Fix Released
Thierry Carrez (ttx)
Changed in barbican:
milestone: liberty-1 → 1.0.0
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.