Public bug reported: Currently, neutron quota API accept invalid tenant_id value without validation. Even user can add arbitrary quota entry which is not existed because by default quota engine create new entry if the queried entry is not found.
This bug is also found across the other openstack projects (nova, trove ..) using similar quota logic, and nova side there was commit to fix it (https://review.openstack.org/#/c/435010/). I found neutron did not have any similar approach, so It worth to talk about the solution. (which access to keystone API in the middle of quota API). ** Affects: neutron Importance: Undecided Status: New -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron. https://bugs.launchpad.net/bugs/1771781 Title: Quota does not check invalid tenant_id Status in neutron: New Bug description: Currently, neutron quota API accept invalid tenant_id value without validation. Even user can add arbitrary quota entry which is not existed because by default quota engine create new entry if the queried entry is not found. This bug is also found across the other openstack projects (nova, trove ..) using similar quota logic, and nova side there was commit to fix it (https://review.openstack.org/#/c/435010/). I found neutron did not have any similar approach, so It worth to talk about the solution. (which access to keystone API in the middle of quota API). To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1771781/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp