[Openstack-security] [openstack/keystone] SecurityImpact review request change I4cc3fd9e0958c3f7fda83ad696807a7c8f63cecb
gerrit2 at review.openstack.org
gerrit2 at review.openstack.org
Mon Apr 3 18:23:21 UTC 2017
Hi, I'd like you to take a look at this patch for potential
SecurityImpact.
https://review.openstack.org/401808
Log:
commit 5565811c48aa8c86a71b095475ac67e5aab843e5
Author: Adam Young <ayoung at redhat.com>
Date: Thu Nov 3 20:13:07 2016 -0400
URL pattern based RBAC Management Interface
A new entity in the Role backend that maps from
VERB URL-Pattern to Role.
I.E. from GET /v2/users to Member
Beyond the backend and CRUD API for URL patterns
there is also a Bulk Upload and management API.
No RBAC enforcement is done in this commit, just
management of the data that will be used in
Keystone middleware.
blueprint role-check-from-middleware
SecurityImpact
APIImpact
Co-Authored-By: Kristi Nikolla <knikolla at bu.edu>
Change-Id: I4cc3fd9e0958c3f7fda83ad696807a7c8f63cecb
More information about the Openstack-security
mailing list