Restrict Use of SubCAs to the owning project
Bug #1498289 reported by
Dave McCowan
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Barbican |
Fix Released
|
Critical
|
Dave McCowan |
Bug Description
Only a user with an acceptable role within a project should be able to POST a certificate Order for a SubCA.
A 403 should be returned if a user attempts to POST an Order referencing a SubCA owned by a different project.
Changed in barbican: | |
status: | New → In Progress |
assignee: | nobody → Dave McCowan (dave-mccowan) |
Changed in barbican: | |
importance: | Undecided → High |
milestone: | none → liberty-rc1 |
Changed in barbican: | |
importance: | High → Critical |
Changed in barbican: | |
status: | Fix Committed → Fix Released |
Changed in barbican: | |
milestone: | liberty-rc1 → 1.0.0 |
To post a comment you must log in.
Fix proposed to branch: master /review. openstack. org/226161
Review: https:/