>-----Original Message----- >From: EXT Jay Pipes [mailto:[email protected]] >Sent: Friday, January 15, 2016 9:25 AM >To: [email protected] >Subject: Re: [openstack-dev] [Nova] Get-validserver-state default policy > >On 01/15/2016 01:50 AM, Juvonen, Tomi (Nokia - FI/Espoo) wrote: >> This API change was agreed is the spec review to be "rule: >> admin_or_owner", but during code review "rule: admin_api" was also wanted. >> Link to spec to see details what this is about >> (https://review.openstack.org/192246/): >> _http://specs.openstack.org/openstack/nova-specs/specs/mitaka/approved/get-valid-server-state.html_ >> In my deployment where this is crucial information for the owner, this >> will certainly be "admin_or_owner". The question is now what is the >> general feeling about the default value in policy.json and should it >> just be as agreed in spec or should it be changed still. > >The host state is NOT something that a regular cloud user should be able >to query, IMHO. Only admins should be able to see anything about the >underlying compute hardware. > >Exposing hardware information and statuses out through the REST API is a >bad leak of implementation.
Jay, yes agreed in code review. The question just rose again as the code change was against spec. I guess the spec can still be revisited. I have a small bit to spec anyhow, so can make "rule: admin_api" at the same :) Br, Tomi >Best, >-jay __________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: [email protected]?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev __________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: [email protected]?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
