[Expired for OpenStack Dashboard (Horizon) because there has been no
activity for 60 days.]
** Changed in: horizon
Status: Incomplete => Expired
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Dashboard (Horizon).
https://bugs.launchpad.net/bugs/1256215
Title:
Page not redirect success when user get an unauthorized error
Status in OpenStack Dashboard (Horizon):
Expired
Bug description:
We want to define that only admin, project admin and instance creator could
update/delete/get the instance.
For the purposes. we define the nova policy as below:
"project_admin": "project_id:%(project_id)s and role:ProjectAdmin",
"admin_or_project_admin": "is_admin:True or rule:project_admin",
"admin_or_user": "rule:admin_or_project_admin or
user_id:%(user_id)s",
"default": "rule:admin_or_user",
then, we found that if a user want to get detail of an instance which is not
belong to him,
the page will crash, and the traceback is:
File
"/usr/share/openstack-dashboard/openstack_dashboard/wsgi/../../openstack_dashboard/dashboards/project/instances/views.py",
line 239, in get_tabs
instance = self.get_data()
File
"/usr/share/openstack-dashboard/openstack_dashboard/wsgi/../../openstack_dashboard/dashboards/project/instances/views.py",
line 235, in get_data
self._instance = instance
UnboundLocalError: local variable 'instance' referenced before assignment
In the get_data function, we expect there will be an authorization error, and
should be catch and redirect to 'horizon:project:instances:index'
But we found that in the function "exceptions.handle", if the exc_type is
"UNAUTHORIZED", it will not handle the redirect parameter
To manage notifications about this bug go to:
https://bugs.launchpad.net/horizon/+bug/1256215/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : [email protected]
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
