Eoghan Glynn e538f84cfe Verify user/project ID for alarm created by non-admin user ...

Fixes bug 1297677

Previously, when a non-admin user created an alarm on behalf of
another user, the ownership of the alarm silently reverted to the
requestor's identity.

Now, we check for this case and fail with 401 Not Authorized when
a non-admin user attempts to create an alarm explicitly associated
with another identity.

Change-Id: I8f372b1523012990b8f1d48b03cf9ed9cef65c60

2014-03-27 08:04:58 +00:00

..

controllers

Verify user/project ID for alarm created by non-admin user

2014-03-27 08:04:58 +00:00

v1

Remove unused db engine variable in api

2014-01-27 13:15:51 +01:00

__init__.py

Improve help strings

2014-02-08 06:46:32 +01:00

acl.py

api: allow alarm creation for others project by admins

2013-10-01 15:51:50 +02:00

app.py

Eventlet monkeypatch must be done before anything

2014-03-18 08:57:31 +01:00

app.wsgi

Add sample configuration files for mod_wsgi

2013-03-08 16:10:37 -05:00

config.py

Move enable_acl and debug config to ceilometer.conf

2014-01-21 17:40:17 +01:00

hooks.py

Decouple source and sink configuration for pipelines

2014-03-04 07:35:18 +00:00

middleware.py

Update oslo

2014-01-16 15:00:50 +01:00