| 2016-12-13 10:07:10 |
Maurice Escher |
description |
I have project A with user Anna, who has a role representing nova admin assigned (needed to allow creation of private flavors).
I have project B with user Ben, who has a role representing nova admin assigned (needed to allow creation of private flavors).
Anna has no permission on project B.
Ben has no permission on project A.
Anna creates a private flavor 'A_private', gives flavor access to project A.
Expected behaviour: only Anna (or any other nova admin in project A) can perform actions on this flavor.
Issue: Ben can perform all sort of actions on the private flavor 'A_private' (read, delete, manage access, manage extra specs). |
I have project A with user Anna, who has a role representing nova admin assigned (needed to allow creation of private flavors).
I have project B with user Ben, who has a role representing nova admin assigned (needed to allow creation of private flavors).
Anna has no permission on project B.
Ben has no permission on project A.
Anna creates a private flavor 'A_private', gives flavor access to project A.
Expected behaviour: only Anna (or any other nova admin in project A) can perform actions on this flavor.
Issue: Ben can perform all sort of actions on the private flavor 'A_private' (read, delete, manage access, manage extra specs).
Observed in Mitaka, but I haven't seen any updates related to this, so this should be the same in master. Please correct me if I'm wrong. |
|
