When a non-admin user tries to list security groups for project_id "None", Neutron creates a default security group for that project and returns and empty list to the caller.
To reproduce:
openstack --os-cloud devstack security group list --project None
openstack --os-cloud devstack-admin security group list
The API call that is made is essentially
GET /networking/v2.0/security-groups?project_id=None
The expected result would be an authorization failure, since normal users should not be allowed to list security groups for other projects.
When a non-admin user tries to list security groups for project_id "None", Neutron creates a default security group for that project and returns and empty list to the caller.
To reproduce:
openstack --os-cloud devstack security group list --project None
openstack --os-cloud devstack-admin security group list
The API call that is made is essentially
GET /networking/ v2.0/security- groups? project_ id=None
The expected result would be an authorization failure, since normal users should not be allowed to list security groups for other projects.