Stop raising 403 when image is not found
Glance has a vestigial policy override knob that allows an operator to force a 403 response when attempting to get an image from the DB that is not found. This runs contrary to the API documentation, and creates a (potential) interoperability concern across clouds with differing policies on this topic. This removes that override and changes the test from validating this override to validating that it can no longer happen. APIImpact Change-Id: Ie24e3eb2f31d10d2ab9af62a0b645e8bdd0c2ff2 Closes-Bug: #1915543
parent
ed930ec512
commit
2bfdc87a8c
@ -114,12 +114,7 @@ class ImageRepoProxy(glance.domain.proxy.Repo):
|
|||||||
item_proxy_kwargs=proxy_kwargs)
|
item_proxy_kwargs=proxy_kwargs)
|
||||||
|
|
||||||
def get(self, image_id):
|
def get(self, image_id):
|
||||||
try:
|
|
||||||
image = super(ImageRepoProxy, self).get(image_id)
|
image = super(ImageRepoProxy, self).get(image_id)
|
||||||
except exception.NotFound:
|
|
||||||
self.policy.enforce(self.context, 'get_image', {})
|
|
||||||
raise
|
|
||||||
else:
|
|
||||||
self.policy.enforce(self.context, 'get_image',
|
self.policy.enforce(self.context, 'get_image',
|
||||||
dict(ImageTarget(image)))
|
dict(ImageTarget(image)))
|
||||||
return image
|
return image
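Review bot: After this change `get()` still calls `self.policy.enforce(self.context, 'get_image', dict(ImageTarget(image)))` for any image the DB layer returns. A `get_image` denial on an existing image therefore presumably still surfaces as Forbidden while a missing image is NotFound, so the two cases stay distinguishable to the caller. If that is intended (the commit message targets only the not-found path), a short comment above the enforce call would record it, e.g. `# NotFound from the repo propagates unchanged; policy is evaluated only for images the DB returned.` If the information-hiding goal in the release note is meant to cover policy denial as well, that mapping would need handling that is not visible in this hunk.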
|
||||||
|
@ -1940,7 +1940,7 @@ class TestImages(functional.FunctionalTest):
|
|||||||
|
|
||||||
headers['X-Tenant-Id'] = TENANT2
|
headers['X-Tenant-Id'] = TENANT2
|
||||||
response = requests.get(path, headers=headers)
|
response = requests.get(path, headers=headers)
|
||||||
self.assertEqual(http.FORBIDDEN, response.status_code)
|
self.assertEqual(http.NOT_FOUND, response.status_code)
|
||||||
|
|
||||||
self.stop_servers()
|
self.stop_servers()
|
||||||
|
|
||||||
|
@ -3478,10 +3478,12 @@ class TestImagesControllerPolicies(base.IsolatedUnitTest):
|
|||||||
request)
|
request)
|
||||||
|
|
||||||
def test_show_unauthorized(self):
|
def test_show_unauthorized(self):
|
||||||
|
# Make sure that if policy says we can't see the image that we get a
|
||||||
|
# NotFound result instead of a Forbidden one.
|
||||||
rules = {"get_image": False}
|
rules = {"get_image": False}
|
||||||
self.policy.set_rules(rules)
|
self.policy.set_rules(rules)
|
||||||
request = unit_test_utils.get_fake_request()
|
request = unit_test_utils.get_fake_request()
|
||||||
self.assertRaises(webob.exc.HTTPForbidden, self.controller.show,
|
self.assertRaises(webob.exc.HTTPNotFound, self.controller.show,
|
||||||
request, image_id=UUID2)
|
request, image_id=UUID2)
|
||||||
|
|
||||||
def test_create_image_unauthorized(self):
|
def test_create_image_unauthorized(self):
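Review bot: The new comment in `test_show_unauthorized` says a policy denial yields NotFound, but the hunk does not show whether `UUID2` is returned by the DB layer for this fake request or is filtered out before the policy runs; the fixture is defined outside the hunk. If it is filtered out, the test pins only the not-found path and the comment overstates it; consider `# With get_image denied, an image the DB does not return must still yield NotFound, not Forbidden.` A companion assertion using an image that is visible to the requester would pin the status returned when the policy itself denies access.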
|
||||||
|
@ -0,0 +1,10 @@
|
|||||||
|
---
|
||||||
|
deprecations:
|
||||||
|
- |
|
||||||
|
The policy check that we ran when an image is not found is
|
||||||
|
removed. This previously allowed an operator to override the
|
||||||
|
behavior of a 404 to be a 403, in contrast to the API
|
||||||
|
documentation and design goals of defaulting to 404 for
|
||||||
|
information-hiding reasons. This check is no longer run in the
|
||||||
|
case of a NotFound result from the database, so any policy
|
||||||
|
attempting to control that behavior will be ignored from now on.
|