Comment 4 for bug 1689510

Thanks for confirming Brian.

I can understand the reason. However, would it not make more sense to display the correct information by default? Operators could always, for security reasons, tighten the policy to admin-only.

Also, if you want to hide this from users then it would also make more sense to have the API not output these fields to regular users when the policy is admin-only in stead of knowingly providing wrong information.

Just my 2 cents as both an OpenStack operator and user.