OpenStack Dashboard (Horizon)

Add allowed address pair button is only visible to admin

Bug #1794421 reported by Lars Erik Pedersen
16
This bug affects 3 people
Affects Status Importance Assigned to Milestone
OpenStack Dashboard (Horizon)
Fix Released
Medium
Shilpa Devharakar
OpenStack Dashboard (Horizon) train-rc1

Bug Description

In Queens (openstack-dashboard 3:13.0.1-0ubuntu1~cloud0), when logging into Horizon in context of a _member_ in any project, the "Add allowed address pair" button in "Network" -> "Networks" -> <select a network> -> "Ports" -> <select a port> -> "Allowed address pairs" is not visible.

When accessing the same panel in context of a project where the user has the admin role, the "add"-button is visible and functional.

I consider this to be a horizon/dashboard bug, beacause I am able to add an allowed address pair to a port with the "neutron port-update" command in context of a non-admin user.

Ivan Kolodyazhny (e0ne)
Changed in horizon:
status: New → Confirmed
importance: Undecided → Medium
tags: added: neutron
Revision history for this message
Akihiro Motoki (amotoki) wrote :

policy_rules for allowed_address_pairs is correct [1] and the corresponding policy.json from neutron is correct too [2].

The policy for allowed_address_pairs contains a network owner check like below.
  "update_port:allowed_address_pairs": "rule:admin_or_network_owner"
I wonder the network information is not passed correctly to the policy check function.

[1] http://git.openstack.org/cgit/openstack/horizon/tree/openstack_dashboard/dashboards/project/networks/ports/extensions/allowed_address_pairs/tables.py#n37
[2] http://git.openstack.org/cgit/openstack/horizon/tree/openstack_dashboard/conf/neutron_policy.json#n96

Changed in horizon:
assignee: nobody → Akihiro Motoki (amotoki)
Revision history for this message
Akihiro Motoki (amotoki) wrote :

Temporarily assigning me as I cannot work on this soon

Changed in horizon:
assignee: Akihiro Motoki (amotoki) → nobody
Revision history for this message
Lars Erik Pedersen (pedersen-larserik) wrote :

Would this be looked in to soon? :-)

Shilpa Devharakar (shilpasd)
Changed in horizon:
assignee: nobody → Shilpa Devharakar (shilpasd)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to horizon (master)

Fix proposed to branch: master
Review: https://review.opendev.org/679967

Changed in horizon:
status: Confirmed → In Progress
Akihiro Motoki (amotoki)
Changed in horizon:
milestone: none → train-rc1
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to horizon (master)

Reviewed: https://review.opendev.org/679967
Committed: https://git.openstack.org/cgit/openstack/horizon/commit/?id=87b57dfe7113da09715d5613ab9c91c15a75c189
Submitter: Zuul
Branch: master

commit 87b57dfe7113da09715d5613ab9c91c15a75c189
Author: Shilpa Devharakar <email address hidden>
Date: Thu Aug 22 14:29:41 2019 +0530

    Add Allowed Address Pair/Delete buttons are only visible to admin

    Initially In Queens, when logging into Horizon in context
    of a _member_ in any project, the "Add Allowed Address Pair"
    and "Delete" buttons in "Network" -> "Networks" ->
    <select a network> -> "Ports" -> <select a port> ->
    "Allowed Address Pairs" are not visible.

    When accessing the same panel in context of a project where the user
    has the admin role, the "Add" and "Delete" button is visible and
    functional.

    This patch fixes the above issue by updating the policy_target.

    Change-Id: Ia7db6c2881c72580a156eb97b11bb51f295cfbce
    Closes-Bug: #1794421

Changed in horizon:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to horizon (stable/stein)

Fix proposed to branch: stable/stein
Review: https://review.opendev.org/684862

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to horizon (stable/rocky)

Fix proposed to branch: stable/rocky
Review: https://review.opendev.org/684922

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to horizon (stable/queens)

Fix proposed to branch: stable/queens
Review: https://review.opendev.org/685045

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/horizon 16.0.0.0rc1

This issue was fixed in the openstack/horizon 16.0.0.0rc1 release candidate.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to horizon (stable/rocky)

Reviewed: https://review.opendev.org/684922
Committed: https://git.openstack.org/cgit/openstack/horizon/commit/?id=83855762fb6af0f560de9432512aa488377e9e21
Submitter: Zuul
Branch: stable/rocky

commit 83855762fb6af0f560de9432512aa488377e9e21
Author: Shilpa Devharakar <email address hidden>
Date: Thu Aug 22 14:29:41 2019 +0530

    Add Allowed Address Pair/Delete buttons are only visible to admin

    Initially In Queens, when logging into Horizon in context
    of a _member_ in any project, the "Add Allowed Address Pair"
    and "Delete" buttons in "Network" -> "Networks" ->
    <select a network> -> "Ports" -> <select a port> ->
    "Allowed Address Pairs" are not visible.

    When accessing the same panel in context of a project where the user
    has the admin role, the "Add" and "Delete" button is visible and
    functional.

    This patch fixes the above issue by updating the policy_target.

    Change-Id: Ia7db6c2881c72580a156eb97b11bb51f295cfbce
    Closes-Bug: #1794421
    (cherry picked from commit 87b57dfe7113da09715d5613ab9c91c15a75c189)

tags: added: in-stable-rocky
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to horizon (stable/queens)

Reviewed: https://review.opendev.org/685045
Committed: https://git.openstack.org/cgit/openstack/horizon/commit/?id=d8ae1d05920f144531fe16a70e80f9871c37675f
Submitter: Zuul
Branch: stable/queens

commit d8ae1d05920f144531fe16a70e80f9871c37675f
Author: Shilpa Devharakar <email address hidden>
Date: Thu Aug 22 14:29:41 2019 +0530

    Add Allowed Address Pair/Delete buttons are only visible to admin

    Initially In Queens, when logging into Horizon in context
    of a _member_ in any project, the "Add Allowed Address Pair"
    and "Delete" buttons in "Network" -> "Networks" ->
    <select a network> -> "Ports" -> <select a port> ->
    "Allowed Address Pairs" are not visible.

    When accessing the same panel in context of a project where the user
    has the admin role, the "Add" and "Delete" button is visible and
    functional.

    This patch fixes the above issue by updating the policy_target.

    Conflicts:
        openstack_dashboard/dashboards/admin/networks/ports/tests.py
        openstack_dashboard/dashboards/project/networks/ports/tests.py

    Change-Id: Ia7db6c2881c72580a156eb97b11bb51f295cfbce
    Closes-Bug: #1794421
    (cherry picked from commit 87b57dfe7113da09715d5613ab9c91c15a75c189)

tags: added: in-stable-queens
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to horizon (stable/stein)

Reviewed: https://review.opendev.org/684862
Committed: https://git.openstack.org/cgit/openstack/horizon/commit/?id=78574736a52656c6d9fba92634bf58e0ad03915a
Submitter: Zuul
Branch: stable/stein

commit 78574736a52656c6d9fba92634bf58e0ad03915a
Author: Shilpa Devharakar <email address hidden>
Date: Thu Aug 22 14:29:41 2019 +0530

    Add Allowed Address Pair/Delete buttons are only visible to admin

    Initially In Queens, when logging into Horizon in context
    of a _member_ in any project, the "Add Allowed Address Pair"
    and "Delete" buttons in "Network" -> "Networks" ->
    <select a network> -> "Ports" -> <select a port> ->
    "Allowed Address Pairs" are not visible.

    When accessing the same panel in context of a project where the user
    has the admin role, the "Add" and "Delete" button is visible and
    functional.

    This patch fixes the above issue by updating the policy_target.

    Change-Id: Ia7db6c2881c72580a156eb97b11bb51f295cfbce
    Closes-Bug: #1794421
    (cherry picked from commit 87b57dfe7113da09715d5613ab9c91c15a75c189)

tags: added: in-stable-stein
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/horizon 13.0.3

This issue was fixed in the openstack/horizon 13.0.3 release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/horizon 14.0.4

This issue was fixed in the openstack/horizon 14.0.4 release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/horizon 15.1.1

This issue was fixed in the openstack/horizon 15.1.1 release.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.