Do not send shared param when not allowed.

When a user changes the name of a network,
neutron returns a 403 error.
Even if the user only changes the name and doesn't
change the shared state, Horizon send
the shared data to neutron and neutron returns
 403 when the user doesn't have admin rights

Change-Id: I52726b7215acb877f38069c95d190eb36399954f
Closes-Bug: #1609467
This commit is contained in:
zarrouk 2016-08-03 17:43:14 +02:00
parent cb0abbd553
commit 28c443f4e3
1 changed files with 6 additions and 2 deletions

View File

@ -57,8 +57,12 @@ class UpdateNetwork(forms.SelfHandlingForm):
def handle(self, request, data):
try:
params = {'admin_state_up': (data['admin_state'] == 'True'),
'name': data['name'],
'shared': data['shared']}
'name': data['name']}
# Make sure we are not sending shared data when the user
# doesnt'have admin rights because even if the user doesn't
# change it neutron sends back a 403 error
if policy.check((("network", "update_network:shared"),), request):
params['shared'] = data['shared']
network = api.neutron.network_update(request,
data['network_id'],
**params)