[openstack-dev] [all] making project_id optional in API URLs
Adam Young
ayoung at redhat.com
Tue Dec 8 22:59:53 UTC 2015
On 12/08/2015 05:55 PM, michael mccune wrote:
> On 12/03/2015 12:06 PM, Sean Dague wrote:
>> So, for Cinder, Glance, Ironic, Manila, Magnum (and others I might have
>> missed) where are you standing on this one? And are there volunteers in
>> those projects to help move this forward?
>
> i'm +1 for removing the project_id from the url.
I think it is kindof irrelevant. It can be there or not be there in the
URL itself, so long as it does not show up in the service catalog. From
an policy standpoint, having the project in the URL means that you can
do an access control check without fetching the object from the
database; you should, however, confirm that the object return belongs to
the project at a later point.
>
> sahara uses it in the url for the v1 and v1.1 apis, but we are
> planning to remove it for the v2 api[1].
>
> mike
>
> [1]: https://review.openstack.org/#/c/212172/
>
>
> __________________________________________________________________________
>
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe:
> OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
More information about the OpenStack-dev
mailing list