Don't allow the user to pass in a trust ID
Since Aodh uses trust IDs stored in alarm URLs unconditionally - without
checking for tenant safety - it is not safe to allow users to pass in their own
trust IDs. Forbid this and allow only trusts created by Aodh to be used. It is
highly unlikely that there is any (legitimate) use of this feature in the wild,
since allowing Aodh to create the trust is easier anyway.
(cherry-picked from cb90d3ad47
)
Change-Id: I8fd11a7f9fe3c0ea5f9843a89686ac06713b7851
Closes-Bug: #1649333
This commit is contained in:
parent
f87e0d05c4
commit
1f954b3b82
|
@ -412,6 +412,9 @@ class Alarm(base.Base):
|
|||
url = list(url)
|
||||
url[1] = netloc
|
||||
actions[index] = urlparse.urlunsplit(url)
|
||||
else:
|
||||
errmsg = _("trust URL cannot contain a trust ID.")
|
||||
raise base.ClientSideError(errmsg)
|
||||
if old_alarm:
|
||||
new_actions = list(itertools.chain(
|
||||
self.ok_actions or [],
|
||||
|
|
|
@ -27,7 +27,7 @@ class TrustRestAlarmNotifier(rest.RestAlarmNotifier):
|
|||
keystone authentication. It uses the aodh service user to
|
||||
authenticate using the trust ID provided.
|
||||
|
||||
The URL must be in the form trust+http://trust-id@host/action.
|
||||
The URL must be in the form trust+http://host/action.
|
||||
"""
|
||||
|
||||
def notify(self, action, alarm_id, alarm_name, severity, previous, current,
|
||||
|
|
Loading…
Reference in New Issue