[openstack-dev] [Neutron] Elevating context to remove subnets created by admin

Darek Smigiel smigiel.dariusz at gmail.com
Fri Jun 3 17:16:20 UTC 2016


Hello,
Doing reviews I noticed, that Liu Yong submitted a bug [1] where we have a problem with removing subnets.

In short: if tenant wants to delete network with subnets, where at least one of subnets is created by admin, he’s not able to do this.
Liu also prepared bugfix for it [2], but now it’s starting to be much more complicated.

What is desired solution in this case?
One of suggestions is to elevate context, remove all subnets and nuke everything. It can cause a problem, when one tenant can remove others’ tenant subnets.
The other is to just show info to tenant, that he’s not allowed to delete network. But in the same time, it could be strange, that owner is not able to just get rid of *his* network and subnets.

If you have any opinions, suggestions, please feel free to share

[1] https://bugs.launchpad.net/neutron/+bug/1588228
[2] https://review.openstack.org/#/c/324617/


Darek


More information about the OpenStack-dev mailing list