)]}'
{"cinder/api/v2/views/volumes.py":[{"author":{"_account_id":5314,"name":"Brian Rosmaita","email":"rosmaita.fossdev@gmail.com","username":"brian-rosmaita"},"change_message_id":"812726ea0aea0f4907f89cce867de529cb08900a","unresolved":false,"context_lines":[{"line_number":77,"context_line":"                \u0027availability_zone\u0027: volume.get(\u0027availability_zone\u0027),"},{"line_number":78,"context_line":"                \u0027created_at\u0027: volume.get(\u0027created_at\u0027),"},{"line_number":79,"context_line":"                \u0027updated_at\u0027: volume.get(\u0027updated_at\u0027),"},{"line_number":80,"context_line":"                \u0027attachments\u0027: self._get_attachments(volume),"},{"line_number":81,"context_line":"                \u0027name\u0027: volume.get(\u0027display_name\u0027),"},{"line_number":82,"context_line":"                \u0027description\u0027: volume.get(\u0027display_description\u0027),"},{"line_number":83,"context_line":"                \u0027volume_type\u0027: self._get_volume_type(volume),"}],"source_content_type":"text/x-python","patch_set":3,"id":"3f4c43b2_78f52583","line":80,"updated":"2020-04-16 22:09:15.000000000","message":"This seems to change the response for non-admins -- they used to not have an \u0027attachments\u0027 field, and now they will.","commit_id":"2436a9464aaa9011842b2d74619e3adaeeeeb74d"},{"author":{"_account_id":5314,"name":"Brian Rosmaita","email":"rosmaita.fossdev@gmail.com","username":"brian-rosmaita"},"change_message_id":"ef325adf05f9a9d6a61e07244329bb2a7401e190","unresolved":false,"context_lines":[{"line_number":77,"context_line":"                \u0027availability_zone\u0027: volume.get(\u0027availability_zone\u0027),"},{"line_number":78,"context_line":"                \u0027created_at\u0027: volume.get(\u0027created_at\u0027),"},{"line_number":79,"context_line":"                \u0027updated_at\u0027: volume.get(\u0027updated_at\u0027),"},{"line_number":80,"context_line":"                \u0027attachments\u0027: self._get_attachments(volume),"},{"line_number":81,"context_line":"                \u0027name\u0027: volume.get(\u0027display_name\u0027),"},{"line_number":82,"context_line":"                \u0027description\u0027: volume.get(\u0027display_description\u0027),"},{"line_number":83,"context_line":"                \u0027volume_type\u0027: self._get_volume_type(volume),"}],"source_content_type":"text/x-python","patch_set":3,"id":"1f493fa4_0dc8a1a3","line":80,"in_reply_to":"3f4c43b2_78f52583","updated":"2020-04-30 13:59:57.000000000","message":"This doesn\u0027t seem right -- I must\u0027ve been comparing to PS1 or PS2 and not the Base.","commit_id":"2436a9464aaa9011842b2d74619e3adaeeeeb74d"},{"author":{"_account_id":5314,"name":"Brian Rosmaita","email":"rosmaita.fossdev@gmail.com","username":"brian-rosmaita"},"change_message_id":"812726ea0aea0f4907f89cce867de529cb08900a","unresolved":false,"context_lines":[{"line_number":98,"context_line":"            context.authorize(attachment_policy.GET_POLICY)"},{"line_number":99,"context_line":"        except exception.PolicyNotAuthorized:"},{"line_number":100,"context_line":"            if volume_ref.get(\u0027attachments\u0027):"},{"line_number":101,"context_line":"                volume_ref[\u0027volume\u0027][\u0027attachments\u0027][\u0027host_name\u0027] \u003d None"},{"line_number":102,"context_line":""},{"line_number":103,"context_line":"        if context.is_admin:"},{"line_number":104,"context_line":"            volume_ref[\u0027volume\u0027][\u0027migration_status\u0027] \u003d ("}],"source_content_type":"text/x-python","patch_set":3,"id":"3f4c43b2_38871dda","line":101,"updated":"2020-04-16 22:09:15.000000000","message":"If the policy check fails, you zero out the host_name -- but the default for that policy is admin_or_owner, so the host_name will be exposed to the owner, who could be a non-admin.  So I don\u0027t think this addresses the bug.\n\nAlso -- Jeremy\u0027s point is that you could expose this info to a non-admin user by hashing the host name with sha256 or something.  That way, the end user could tell that volumes are on different hosts, but not be able to tell what the actual host name is.  (But while nova has a use case for that, I don\u0027t think cinder does.)","commit_id":"2436a9464aaa9011842b2d74619e3adaeeeeb74d"},{"author":{"_account_id":27615,"name":"Rajat Dhasmana","email":"rajatdhasmana@gmail.com","username":"whoami-rajat"},"change_message_id":"499c44b9f5d69e8b6b655248637590ab0652ce33","unresolved":false,"context_lines":[{"line_number":98,"context_line":"            context.authorize(attachment_policy.GET_POLICY)"},{"line_number":99,"context_line":"        except exception.PolicyNotAuthorized:"},{"line_number":100,"context_line":"            if volume_ref.get(\u0027attachments\u0027):"},{"line_number":101,"context_line":"                volume_ref[\u0027volume\u0027][\u0027attachments\u0027][\u0027host_name\u0027] \u003d None"},{"line_number":102,"context_line":""},{"line_number":103,"context_line":"        if context.is_admin:"},{"line_number":104,"context_line":"            volume_ref[\u0027volume\u0027][\u0027migration_status\u0027] \u003d ("}],"source_content_type":"text/x-python","patch_set":3,"id":"1f493fa4_872113b7","line":101,"in_reply_to":"3f4c43b2_38871dda","updated":"2020-05-01 21:51:08.000000000","message":"Done","commit_id":"2436a9464aaa9011842b2d74619e3adaeeeeb74d"}],"cinder/api/v3/attachments.py":[{"author":{"_account_id":5314,"name":"Brian Rosmaita","email":"rosmaita.fossdev@gmail.com","username":"brian-rosmaita"},"change_message_id":"812726ea0aea0f4907f89cce867de529cb08900a","unresolved":false,"context_lines":[{"line_number":54,"context_line":"        context \u003d req.environ[\u0027cinder.context\u0027]"},{"line_number":55,"context_line":"        attachment \u003d objects.VolumeAttachment.get_by_id(context, id)"},{"line_number":56,"context_line":"        context.authorize(attachment_policy.GET_POLICY,"},{"line_number":57,"context_line":"                          target_obj\u003dattachment)"},{"line_number":58,"context_line":"        return attachment_views.ViewBuilder.detail(attachment)"},{"line_number":59,"context_line":""},{"line_number":60,"context_line":"    @wsgi.Controller.api_version(mv.NEW_ATTACH)"}],"source_content_type":"text/x-python","patch_set":3,"id":"3f4c43b2_5b0ae320","line":57,"updated":"2020-04-16 22:09:15.000000000","message":"Given that the default is admin_or_owner, isn\u0027t a non-admin still going to be able to see the host name? (see my comment in the view file)","commit_id":"2436a9464aaa9011842b2d74619e3adaeeeeb74d"},{"author":{"_account_id":27615,"name":"Rajat Dhasmana","email":"rajatdhasmana@gmail.com","username":"whoami-rajat"},"change_message_id":"499c44b9f5d69e8b6b655248637590ab0652ce33","unresolved":false,"context_lines":[{"line_number":54,"context_line":"        context \u003d req.environ[\u0027cinder.context\u0027]"},{"line_number":55,"context_line":"        attachment \u003d objects.VolumeAttachment.get_by_id(context, id)"},{"line_number":56,"context_line":"        context.authorize(attachment_policy.GET_POLICY,"},{"line_number":57,"context_line":"                          target_obj\u003dattachment)"},{"line_number":58,"context_line":"        return attachment_views.ViewBuilder.detail(attachment)"},{"line_number":59,"context_line":""},{"line_number":60,"context_line":"    @wsgi.Controller.api_version(mv.NEW_ATTACH)"}],"source_content_type":"text/x-python","patch_set":3,"id":"1f493fa4_c7279bc6","line":57,"in_reply_to":"3f4c43b2_5b0ae320","updated":"2020-05-01 21:51:08.000000000","message":"These policy checks doesn\u0027t make sense here and show be included in the views file.","commit_id":"2436a9464aaa9011842b2d74619e3adaeeeeb74d"}],"cinder/api/v3/views/attachments.py":[{"author":{"_account_id":5314,"name":"Brian Rosmaita","email":"rosmaita.fossdev@gmail.com","username":"brian-rosmaita"},"change_message_id":"812726ea0aea0f4907f89cce867de529cb08900a","unresolved":false,"context_lines":[{"line_number":32,"context_line":"            attached_at\u003dcls._normalize(attachment.attach_time),"},{"line_number":33,"context_line":"            detached_at\u003dcls._normalize(attachment.detach_time),"},{"line_number":34,"context_line":"            attach_mode\u003dattachment.attach_mode,"},{"line_number":35,"context_line":"            connection_info\u003dattachment.connection_info)"},{"line_number":36,"context_line":"        if flat:"},{"line_number":37,"context_line":"            return result"},{"line_number":38,"context_line":"        return {\u0027attachment\u0027: result}"}],"source_content_type":"text/x-python","patch_set":3,"id":"3f4c43b2_3818bd7f","line":35,"updated":"2020-04-16 22:09:15.000000000","message":"I think the bug is that the host name will show up in the connection_info; unlike the v2 view, we\u0027re not doing any filtering here based on whether this call is occurring in an administrative context.","commit_id":"2436a9464aaa9011842b2d74619e3adaeeeeb74d"},{"author":{"_account_id":27615,"name":"Rajat Dhasmana","email":"rajatdhasmana@gmail.com","username":"whoami-rajat"},"change_message_id":"499c44b9f5d69e8b6b655248637590ab0652ce33","unresolved":false,"context_lines":[{"line_number":32,"context_line":"            attached_at\u003dcls._normalize(attachment.attach_time),"},{"line_number":33,"context_line":"            detached_at\u003dcls._normalize(attachment.detach_time),"},{"line_number":34,"context_line":"            attach_mode\u003dattachment.attach_mode,"},{"line_number":35,"context_line":"            connection_info\u003dattachment.connection_info)"},{"line_number":36,"context_line":"        if flat:"},{"line_number":37,"context_line":"            return result"},{"line_number":38,"context_line":"        return {\u0027attachment\u0027: result}"}],"source_content_type":"text/x-python","patch_set":3,"id":"1f493fa4_67120764","line":35,"in_reply_to":"3f4c43b2_3818bd7f","updated":"2020-05-01 21:51:08.000000000","message":"Done","commit_id":"2436a9464aaa9011842b2d74619e3adaeeeeb74d"},{"author":{"_account_id":22348,"name":"Zuul","username":"zuul","tags":["SERVICE_USER"]},"tag":"autogenerated:zuul:check","change_message_id":"ba2fb2d1c215e0f2e8bf3c96aaa9a703a9238e8f","unresolved":false,"context_lines":[{"line_number":72,"context_line":"    @classmethod"},{"line_number":73,"context_line":"    def list(cls, req, attachments, detail\u003dFalse):"},{"line_number":74,"context_line":"        \"\"\"Build a view of a list of attachments.\"\"\""},{"line_number":75,"context_line":"        func \u003d cls.detail if detail else cls.summary"},{"line_number":76,"context_line":"        if detail:"},{"line_number":77,"context_line":"            return {\u0027attachments\u0027: [cls.detail(req, attachment, list\u003ddetail,"},{"line_number":78,"context_line":"                                         flat\u003dTrue)"}],"source_content_type":"text/x-python","patch_set":6,"id":"1f493fa4_6d2bf781","line":75,"updated":"2020-05-04 07:28:39.000000000","message":"pep8: F841 local variable \u0027func\u0027 is assigned to but never used","commit_id":"2d47137b1299157898787e4b6161470e5214f89e"},{"author":{"_account_id":22348,"name":"Zuul","username":"zuul","tags":["SERVICE_USER"]},"tag":"autogenerated:zuul:check","change_message_id":"ba2fb2d1c215e0f2e8bf3c96aaa9a703a9238e8f","unresolved":false,"context_lines":[{"line_number":75,"context_line":"        func \u003d cls.detail if detail else cls.summary"},{"line_number":76,"context_line":"        if detail:"},{"line_number":77,"context_line":"            return {\u0027attachments\u0027: [cls.detail(req, attachment, list\u003ddetail,"},{"line_number":78,"context_line":"                                         flat\u003dTrue)"},{"line_number":79,"context_line":"                                    for attachment in attachments]}"},{"line_number":80,"context_line":"        else:"},{"line_number":81,"context_line":"            return {\u0027attachments\u0027: [cls.summary(attachment, flat\u003dTrue)"}],"source_content_type":"text/x-python","patch_set":6,"id":"1f493fa4_cd204b9f","line":78,"updated":"2020-05-04 07:28:39.000000000","message":"pep8: E128 continuation line under-indented for visual indent","commit_id":"2d47137b1299157898787e4b6161470e5214f89e"}],"cinder/policies/attachments.py":[{"author":{"_account_id":5314,"name":"Brian Rosmaita","email":"rosmaita.fossdev@gmail.com","username":"brian-rosmaita"},"change_message_id":"812726ea0aea0f4907f89cce867de529cb08900a","unresolved":false,"context_lines":[{"line_number":80,"context_line":"    policy.DocumentedRuleDefault("},{"line_number":81,"context_line":"        name\u003dGET_POLICY,"},{"line_number":82,"context_line":"        check_str\u003dbase.RULE_ADMIN_OR_OWNER,"},{"line_number":83,"context_line":"        description\u003d\"Show attachment(s).\","},{"line_number":84,"context_line":"        operations\u003d["},{"line_number":85,"context_line":"            {"},{"line_number":86,"context_line":"                \u0027method\u0027: \u0027GET\u0027,"}],"source_content_type":"text/x-python","patch_set":3,"id":"3f4c43b2_58102902","line":83,"range":{"start_line":83,"start_character":36,"end_line":83,"end_character":39},"updated":"2020-04-16 22:09:15.000000000","message":"isn\u0027t this always going to be 1 attachment?","commit_id":"2436a9464aaa9011842b2d74619e3adaeeeeb74d"},{"author":{"_account_id":27615,"name":"Rajat Dhasmana","email":"rajatdhasmana@gmail.com","username":"whoami-rajat"},"change_message_id":"499c44b9f5d69e8b6b655248637590ab0652ce33","unresolved":false,"context_lines":[{"line_number":80,"context_line":"    policy.DocumentedRuleDefault("},{"line_number":81,"context_line":"        name\u003dGET_POLICY,"},{"line_number":82,"context_line":"        check_str\u003dbase.RULE_ADMIN_OR_OWNER,"},{"line_number":83,"context_line":"        description\u003d\"Show attachment(s).\","},{"line_number":84,"context_line":"        operations\u003d["},{"line_number":85,"context_line":"            {"},{"line_number":86,"context_line":"                \u0027method\u0027: \u0027GET\u0027,"}],"source_content_type":"text/x-python","patch_set":3,"id":"1f493fa4_071fc36b","line":83,"range":{"start_line":83,"start_character":36,"end_line":83,"end_character":39},"in_reply_to":"3f4c43b2_58102902","updated":"2020-05-01 21:51:08.000000000","message":"Done","commit_id":"2436a9464aaa9011842b2d74619e3adaeeeeb74d"},{"author":{"_account_id":5046,"name":"Lance Bragstad","email":"lbragstad@redhat.com","username":"ldbragst"},"change_message_id":"3fb4ab31861d0d786f0adc1c3cf304f23e26f6c4","unresolved":false,"context_lines":[{"line_number":79,"context_line":"        ]),"},{"line_number":80,"context_line":"    policy.DocumentedRuleDefault("},{"line_number":81,"context_line":"        name\u003dGET_POLICY,"},{"line_number":82,"context_line":"        check_str\u003dbase.RULE_ADMIN_API,"},{"line_number":83,"context_line":"        description\u003d\"Show attachment.\","},{"line_number":84,"context_line":"        operations\u003d["},{"line_number":85,"context_line":"            {"}],"source_content_type":"text/x-python","patch_set":8,"id":"3f65232a_74d416be","line":82,"range":{"start_line":82,"start_character":23,"end_line":82,"end_character":37},"updated":"2020-10-27 19:59:04.000000000","message":"This is only going to be available to project administrators? Or is this also going to be exposed to system users?","commit_id":"db3eacc143ec89542a263f0ccf99cc152f69a192"}]}