)]}'
{"/PATCHSET_LEVEL":[{"author":{"_account_id":33807,"name":"Jacob Wang","email":"jacob_wang1@dell.com","username":"jacob0522"},"change_message_id":"b8b11e54fdbe467cda7170a2fca204f749c004dd","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":8,"id":"12af926b_40919ce3","updated":"2023-07-24 08:51:47.000000000","message":"run-DellEMC PowerStore CI","commit_id":"10722ad317314b30408323443d4a465499e452a5"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"f7d5dbbdccbe8583ca82bd57b3796f844b7e73dd","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":13,"id":"ecf9c488_2d97077e","updated":"2023-08-03 15:15:36.000000000","message":"Thanks for the review, Goutham! Please take a look at the comments inline :)","commit_id":"73ec6aae514208bd99cf659bbe48d4022e3be1ea"},{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"7d4fc3edb046b39a24d9b3a8dd0bfd902fec9161","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":13,"id":"52d84870_d4813873","updated":"2023-08-01 23:46:59.000000000","message":"Thanks for working on this Carlos; some comments inline.. could you also add/fix the reno the previous patch adds?","commit_id":"73ec6aae514208bd99cf659bbe48d4022e3be1ea"},{"author":{"_account_id":35677,"name":"Thiago José de Andrade Alvoravel","display_name":"Thiago Alvoravel","email":"thiago.andrade@fit-tecnologia.org.br","username":"thiagoalvoravel"},"change_message_id":"fcc4b0ba28acad5e21737ac55dd42b49ad82b2e4","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":16,"id":"7eb47ce0_5cef7bb5","updated":"2023-08-09 21:09:19.000000000","message":"Thanks for this patch, Carlos. Just comments about UTs. Let me know WDYT about them.","commit_id":"93dc6daba6486b7c8da8be9aab8a2d08b1b5e5f3"},{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"d3284491307594adc91d941509ba7d941b4d8c11","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":18,"id":"015ab550_cfda9105","updated":"2023-08-21 22:36:57.000000000","message":"Hi Carlos, several comments inline.. also, this is missing a release note..","commit_id":"7d2c0a3d39debfa9822baa28f135b43ba6ff4276"},{"author":{"_account_id":35677,"name":"Thiago José de Andrade Alvoravel","display_name":"Thiago Alvoravel","email":"thiago.andrade@fit-tecnologia.org.br","username":"thiagoalvoravel"},"change_message_id":"a34660f6f93f0792c4b0f7ba58b01e331158b3dd","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":18,"id":"8d202259_e6e304a9","updated":"2023-08-21 17:55:34.000000000","message":"Thanks Carlos, my comments have been addressed.","commit_id":"7d2c0a3d39debfa9822baa28f135b43ba6ff4276"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"8aaa5f901f1a4f36911aaa516e063deb025e9cf3","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":18,"id":"b45127e8_c2345935","updated":"2023-08-18 14:38:40.000000000","message":"Thanks for the reviews, Thiago! Please take a look at the most recent changes.\nthere is one bit missing on this implementation: allowing access rules to be filtered by access_to/access_key. I\u0027ll work on it next monday.","commit_id":"7d2c0a3d39debfa9822baa28f135b43ba6ff4276"},{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"300dc9102fe2eca87c1e17f4e443995dba9d9221","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":20,"id":"9b6d1ac0_8c415458","updated":"2023-08-23 23:20:18.000000000","message":"Hi carlos, some issues inline, most of these are minor.. we can discuss and plan the changes if necessary","commit_id":"8f77d88da8c91a1b5f39da7a621152b3b7e98492"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"ee7cea4c23440980cf8e39983610165ee537e314","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":20,"id":"07ebf1bb_ec21ac5a","updated":"2023-08-23 15:13:47.000000000","message":"Thank you for the review, Goutham! Please take another look","commit_id":"8f77d88da8c91a1b5f39da7a621152b3b7e98492"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"54228bda1f451cec917afc2d0e9d28ee50e35378","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":20,"id":"cf33dba7_b2efa326","updated":"2023-08-23 20:43:05.000000000","message":"recheck\nShare groups/share server known issue in the dummy driver job","commit_id":"8f77d88da8c91a1b5f39da7a621152b3b7e98492"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"be01d6f3e1edc5f72faa0e4621af8f18cefe827e","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":21,"id":"5e95b842_9ca1ca4f","updated":"2023-08-28 13:13:23.000000000","message":"Hi, haixin! I have submitted the follow-up change: https://review.opendev.org/c/openstack/manila/+/892920\nPlease take a look :)","commit_id":"0f82690dddd9d28e33e1538e09c78a378a1eb9d0"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"288b0913878f3112b5d37231e4ce9d8b2b8a1454","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":21,"id":"4cb1f3a1_b83c6264","updated":"2023-08-24 17:55:19.000000000","message":"Thank you for the review, Goutham! Plase take a look at the changes.","commit_id":"0f82690dddd9d28e33e1538e09c78a378a1eb9d0"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"6525a64e08448f050a9a1a9f7adca6edc6de6d63","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":21,"id":"97d9be5f_20f2a918","updated":"2023-08-25 13:13:32.000000000","message":"Thank you very much for the review, Haixin! please take a look at the comments inline","commit_id":"0f82690dddd9d28e33e1538e09c78a378a1eb9d0"},{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"bfb9e22c50d5bf093937bee72c19927bd8b68ed5","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":21,"id":"fdf8224b_48770878","updated":"2023-08-24 19:58:51.000000000","message":"This looks good to me - thanks Carlos; if there are changes necessary because of tempest failures and such, we\u0027ll have an opportunity to fix; please feel free to push another patch with the db api rearrangement, or do a follow up. It\u0027s a minor improvement. \n\nThanks!","commit_id":"0f82690dddd9d28e33e1538e09c78a378a1eb9d0"},{"author":{"_account_id":30407,"name":"haixin","email":"haixin_haixin@qq.com","username":"haixin"},"change_message_id":"4cc97a6c0c86f2e5e271e1bf53aac3c9e3d206c3","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":21,"id":"0373ff46_c7af0d44","updated":"2023-08-25 07:10:57.000000000","message":"almost look good, just two comments.\nthanks for the change!","commit_id":"0f82690dddd9d28e33e1538e09c78a378a1eb9d0"},{"author":{"_account_id":30407,"name":"haixin","email":"haixin_haixin@qq.com","username":"haixin"},"change_message_id":"f6a34d342d6164fdf7c3c0b921f802c07b8ddd19","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":21,"id":"01832bc5_4819857c","updated":"2023-08-28 01:25:54.000000000","message":"let\u0027s merge this change.","commit_id":"0f82690dddd9d28e33e1538e09c78a378a1eb9d0"},{"author":{"_account_id":30407,"name":"haixin","email":"haixin_haixin@qq.com","username":"haixin"},"change_message_id":"9b817461b5396cf322a988cbc6a629c232fb8d1e","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":21,"id":"90cfbe90_785c98f1","updated":"2023-08-28 01:25:12.000000000","message":"thanks for the change.","commit_id":"0f82690dddd9d28e33e1538e09c78a378a1eb9d0"}],"api-ref/source/parameters.yaml":[{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"d3284491307594adc91d941509ba7d941b4d8c11","unresolved":true,"context_lines":[{"line_number":1641,"context_line":"  min_version: 2.82"},{"line_number":1642,"context_line":"lock_visibility:"},{"line_number":1643,"context_line":"  description: |"},{"line_number":1644,"context_line":"    Whether the resource should have its sensible fields restricted or not."},{"line_number":1645,"context_line":"  in: body"},{"line_number":1646,"context_line":"  required: false"},{"line_number":1647,"context_line":"  type: string"}],"source_content_type":"text/x-yaml","patch_set":18,"id":"72a33183_bf517fef","line":1644,"range":{"start_line":1644,"start_character":74,"end_line":1644,"end_character":75},"updated":"2023-08-21 22:36:57.000000000","message":"When enabled, other users will see the \"access_to\" and \"access_secret\" fields set to `******`","commit_id":"7d2c0a3d39debfa9822baa28f135b43ba6ff4276"},{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"d3284491307594adc91d941509ba7d941b4d8c11","unresolved":true,"context_lines":[{"line_number":1641,"context_line":"  min_version: 2.82"},{"line_number":1642,"context_line":"lock_visibility:"},{"line_number":1643,"context_line":"  description: |"},{"line_number":1644,"context_line":"    Whether the resource should have its sensible fields restricted or not."},{"line_number":1645,"context_line":"  in: body"},{"line_number":1646,"context_line":"  required: false"},{"line_number":1647,"context_line":"  type: string"}],"source_content_type":"text/x-yaml","patch_set":18,"id":"a1cf87b5_c0f55748","line":1644,"range":{"start_line":1644,"start_character":41,"end_line":1644,"end_character":49},"updated":"2023-08-21 22:36:57.000000000","message":"sensitive","commit_id":"7d2c0a3d39debfa9822baa28f135b43ba6ff4276"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"ee7cea4c23440980cf8e39983610165ee537e314","unresolved":false,"context_lines":[{"line_number":1641,"context_line":"  min_version: 2.82"},{"line_number":1642,"context_line":"lock_visibility:"},{"line_number":1643,"context_line":"  description: |"},{"line_number":1644,"context_line":"    Whether the resource should have its sensible fields restricted or not."},{"line_number":1645,"context_line":"  in: body"},{"line_number":1646,"context_line":"  required: false"},{"line_number":1647,"context_line":"  type: string"}],"source_content_type":"text/x-yaml","patch_set":18,"id":"9d404d11_c5773f6a","line":1644,"range":{"start_line":1644,"start_character":74,"end_line":1644,"end_character":75},"in_reply_to":"72a33183_bf517fef","updated":"2023-08-23 15:13:47.000000000","message":"Done","commit_id":"7d2c0a3d39debfa9822baa28f135b43ba6ff4276"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"ee7cea4c23440980cf8e39983610165ee537e314","unresolved":false,"context_lines":[{"line_number":1641,"context_line":"  min_version: 2.82"},{"line_number":1642,"context_line":"lock_visibility:"},{"line_number":1643,"context_line":"  description: |"},{"line_number":1644,"context_line":"    Whether the resource should have its sensible fields restricted or not."},{"line_number":1645,"context_line":"  in: body"},{"line_number":1646,"context_line":"  required: false"},{"line_number":1647,"context_line":"  type: string"}],"source_content_type":"text/x-yaml","patch_set":18,"id":"aef1bbcb_868a2bdf","line":1644,"range":{"start_line":1644,"start_character":41,"end_line":1644,"end_character":49},"in_reply_to":"a1cf87b5_c0f55748","updated":"2023-08-23 15:13:47.000000000","message":"Done","commit_id":"7d2c0a3d39debfa9822baa28f135b43ba6ff4276"},{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"d3284491307594adc91d941509ba7d941b4d8c11","unresolved":true,"context_lines":[{"line_number":3933,"context_line":"  type: string"},{"line_number":3934,"context_line":"unrestrict_access:"},{"line_number":3935,"context_line":"  description: |"},{"line_number":3936,"context_line":"    Whether Manila should attempt to remove deletion restrictions during the"},{"line_number":3937,"context_line":"    access rule deletion or not."},{"line_number":3938,"context_line":"  in: body"},{"line_number":3939,"context_line":"  required: false"}],"source_content_type":"text/x-yaml","patch_set":18,"id":"9a2ac956_1e15f74d","line":3936,"range":{"start_line":3936,"start_character":12,"end_line":3936,"end_character":18},"updated":"2023-08-21 22:36:57.000000000","message":"the service","commit_id":"7d2c0a3d39debfa9822baa28f135b43ba6ff4276"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"ee7cea4c23440980cf8e39983610165ee537e314","unresolved":false,"context_lines":[{"line_number":3933,"context_line":"  type: string"},{"line_number":3934,"context_line":"unrestrict_access:"},{"line_number":3935,"context_line":"  description: |"},{"line_number":3936,"context_line":"    Whether Manila should attempt to remove deletion restrictions during the"},{"line_number":3937,"context_line":"    access rule deletion or not."},{"line_number":3938,"context_line":"  in: body"},{"line_number":3939,"context_line":"  required: false"}],"source_content_type":"text/x-yaml","patch_set":18,"id":"d0abca5a_25afc74f","line":3936,"range":{"start_line":3936,"start_character":12,"end_line":3936,"end_character":18},"in_reply_to":"9a2ac956_1e15f74d","updated":"2023-08-23 15:13:47.000000000","message":"Done","commit_id":"7d2c0a3d39debfa9822baa28f135b43ba6ff4276"}],"api-ref/source/share-access-rules.inc":[{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"300dc9102fe2eca87c1e17f4e443995dba9d9221","unresolved":true,"context_lines":[{"line_number":8,"context_line":"Retrieve details about access rules"},{"line_number":9,"context_line":""},{"line_number":10,"context_line":".. note::"},{"line_number":11,"context_line":"  Starting from API version 2.82, if an access rule had its visibility"},{"line_number":12,"context_line":"  restricted by another service, a system admin, or a different user, the"},{"line_number":13,"context_line":"  content of the ``access_to`` and ``access_key`` fields will be redacted."},{"line_number":14,"context_line":""},{"line_number":15,"context_line":"Describe share access rule"},{"line_number":16,"context_line":"~~~~~~~~~~~~~~~~~~~~~~~~~~"}],"source_content_type":"text/x-c++src","patch_set":20,"id":"7859a26c_8e031396","line":13,"range":{"start_line":11,"start_character":2,"end_line":13,"end_character":74},"updated":"2023-08-23 23:20:18.000000000","message":"i\u0027d suggest a slight reframing to clarify an important point:\n\n  Starting from API version 2.82, access rule visibility can be restricted\n  by a project user, or any user with \"service\" or \"admin\" roles. When\n  restricted, the ``access_to`` and ``access_key`` fields will be redacted\n  to other users. This redaction applies irrespective of the API version.","commit_id":"8f77d88da8c91a1b5f39da7a621152b3b7e98492"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"288b0913878f3112b5d37231e4ce9d8b2b8a1454","unresolved":false,"context_lines":[{"line_number":8,"context_line":"Retrieve details about access rules"},{"line_number":9,"context_line":""},{"line_number":10,"context_line":".. note::"},{"line_number":11,"context_line":"  Starting from API version 2.82, if an access rule had its visibility"},{"line_number":12,"context_line":"  restricted by another service, a system admin, or a different user, the"},{"line_number":13,"context_line":"  content of the ``access_to`` and ``access_key`` fields will be redacted."},{"line_number":14,"context_line":""},{"line_number":15,"context_line":"Describe share access rule"},{"line_number":16,"context_line":"~~~~~~~~~~~~~~~~~~~~~~~~~~"}],"source_content_type":"text/x-c++src","patch_set":20,"id":"b8c4e5a6_50df406b","line":13,"range":{"start_line":11,"start_character":2,"end_line":13,"end_character":74},"in_reply_to":"7859a26c_8e031396","updated":"2023-08-24 17:55:19.000000000","message":"Done","commit_id":"8f77d88da8c91a1b5f39da7a621152b3b7e98492"},{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"300dc9102fe2eca87c1e17f4e443995dba9d9221","unresolved":true,"context_lines":[{"line_number":79,"context_line":"  This API replaces the older :ref:`List share access rules"},{"line_number":80,"context_line":"  \u003cget-access-rules-before-2-45\u003e` API from version 2.45."},{"line_number":81,"context_line":""},{"line_number":82,"context_line":".. note::"},{"line_number":83,"context_line":"  Starting from API version 2.82, if an access rule had its visibility"},{"line_number":84,"context_line":"  restricted by another service, a system admin, or a different user, the"},{"line_number":85,"context_line":"  content of the ``access_to`` and ``access_key`` fields will be redacted."},{"line_number":86,"context_line":""},{"line_number":87,"context_line":"Response codes"},{"line_number":88,"context_line":"--------------"}],"source_content_type":"text/x-c++src","patch_set":20,"id":"8d1a4874_d8d8c333","line":85,"range":{"start_line":82,"start_character":0,"end_line":85,"end_character":74},"updated":"2023-08-23 23:20:18.000000000","message":"same as above","commit_id":"8f77d88da8c91a1b5f39da7a621152b3b7e98492"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"288b0913878f3112b5d37231e4ce9d8b2b8a1454","unresolved":false,"context_lines":[{"line_number":79,"context_line":"  This API replaces the older :ref:`List share access rules"},{"line_number":80,"context_line":"  \u003cget-access-rules-before-2-45\u003e` API from version 2.45."},{"line_number":81,"context_line":""},{"line_number":82,"context_line":".. note::"},{"line_number":83,"context_line":"  Starting from API version 2.82, if an access rule had its visibility"},{"line_number":84,"context_line":"  restricted by another service, a system admin, or a different user, the"},{"line_number":85,"context_line":"  content of the ``access_to`` and ``access_key`` fields will be redacted."},{"line_number":86,"context_line":""},{"line_number":87,"context_line":"Response codes"},{"line_number":88,"context_line":"--------------"}],"source_content_type":"text/x-c++src","patch_set":20,"id":"3ba42a1d_75baa0d0","line":85,"range":{"start_line":82,"start_character":0,"end_line":85,"end_character":74},"in_reply_to":"8d1a4874_d8d8c333","updated":"2023-08-24 17:55:19.000000000","message":"Done","commit_id":"8f77d88da8c91a1b5f39da7a621152b3b7e98492"}],"api-ref/source/share-actions.inc":[{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"d3284491307594adc91d941509ba7d941b4d8c11","unresolved":true,"context_lines":[{"line_number":149,"context_line":""},{"line_number":150,"context_line":".. note::"},{"line_number":151,"context_line":"  In case the access rule had its deletion locked, it will be necessary to"},{"line_number":152,"context_line":"  provide the ``unrestrict`` parameter in the revoke access request. Otherwise,"},{"line_number":153,"context_line":"  if the access rule has the deletion locked, it will not be possible to"},{"line_number":154,"context_line":"  delete it."},{"line_number":155,"context_line":""},{"line_number":156,"context_line":"Response codes"},{"line_number":157,"context_line":"--------------"},{"line_number":158,"context_line":""}],"source_content_type":"text/x-c++src","patch_set":18,"id":"406f54dc_adb3cfde","line":155,"range":{"start_line":152,"start_character":69,"end_line":155,"end_character":0},"updated":"2023-08-21 22:36:57.000000000","message":"nit: says the same thing as the previous sentence :)","commit_id":"7d2c0a3d39debfa9822baa28f135b43ba6ff4276"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"ee7cea4c23440980cf8e39983610165ee537e314","unresolved":false,"context_lines":[{"line_number":149,"context_line":""},{"line_number":150,"context_line":".. note::"},{"line_number":151,"context_line":"  In case the access rule had its deletion locked, it will be necessary to"},{"line_number":152,"context_line":"  provide the ``unrestrict`` parameter in the revoke access request. Otherwise,"},{"line_number":153,"context_line":"  if the access rule has the deletion locked, it will not be possible to"},{"line_number":154,"context_line":"  delete it."},{"line_number":155,"context_line":""},{"line_number":156,"context_line":"Response codes"},{"line_number":157,"context_line":"--------------"},{"line_number":158,"context_line":""}],"source_content_type":"text/x-c++src","patch_set":18,"id":"c9b1665e_841e5f51","line":155,"range":{"start_line":152,"start_character":69,"end_line":155,"end_character":0},"in_reply_to":"406f54dc_adb3cfde","updated":"2023-08-23 15:13:47.000000000","message":"Done","commit_id":"7d2c0a3d39debfa9822baa28f135b43ba6ff4276"},{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"300dc9102fe2eca87c1e17f4e443995dba9d9221","unresolved":true,"context_lines":[{"line_number":108,"context_line":"   - metadata: access_metadata_grant_access"},{"line_number":109,"context_line":"   - lock_visibility: lock_visibility"},{"line_number":110,"context_line":"   - lock_deletion: lock_deletion"},{"line_number":111,"context_line":""},{"line_number":112,"context_line":"Request example"},{"line_number":113,"context_line":"---------------"},{"line_number":114,"context_line":""}],"source_content_type":"text/x-c++src","patch_set":20,"id":"3453f0a7_0329f736","line":111,"updated":"2023-08-23 23:20:18.000000000","message":"missing \"lock_reason\"","commit_id":"8f77d88da8c91a1b5f39da7a621152b3b7e98492"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"288b0913878f3112b5d37231e4ce9d8b2b8a1454","unresolved":false,"context_lines":[{"line_number":108,"context_line":"   - metadata: access_metadata_grant_access"},{"line_number":109,"context_line":"   - lock_visibility: lock_visibility"},{"line_number":110,"context_line":"   - lock_deletion: lock_deletion"},{"line_number":111,"context_line":""},{"line_number":112,"context_line":"Request example"},{"line_number":113,"context_line":"---------------"},{"line_number":114,"context_line":""}],"source_content_type":"text/x-c++src","patch_set":20,"id":"d7636c7a_cc69c24f","line":111,"in_reply_to":"3453f0a7_0329f736","updated":"2023-08-24 17:55:19.000000000","message":"Done","commit_id":"8f77d88da8c91a1b5f39da7a621152b3b7e98492"}],"doc/source/admin/shared-file-systems-crud-share.rst":[{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"d3284491307594adc91d941509ba7d941b4d8c11","unresolved":true,"context_lines":[{"line_number":744,"context_line":""},{"line_number":745,"context_line":"  Starting from the 2023.2 (Bobcat) release, in case you want to restrict the"},{"line_number":746,"context_line":"  visibility of the sensible fields (``access_to`` and ``access_key``), or"},{"line_number":747,"context_line":"  avoid the access rule being deleted by other user, you can specify"},{"line_number":748,"context_line":"  ``--lock-visibility`` and ``--lock-deletion`` in the Manila OpenStack command"},{"line_number":749,"context_line":"  for creating access rules. A reason (``--lock-reason``) can also be provided."},{"line_number":750,"context_line":"  Only the user that placed the lock, system administrators and services will"}],"source_content_type":"text/x-rst","patch_set":18,"id":"5aad19ab_ea75b55f","line":747,"range":{"start_line":747,"start_character":47,"end_line":747,"end_character":51},"updated":"2023-08-21 22:36:57.000000000","message":"users","commit_id":"7d2c0a3d39debfa9822baa28f135b43ba6ff4276"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"ee7cea4c23440980cf8e39983610165ee537e314","unresolved":false,"context_lines":[{"line_number":744,"context_line":""},{"line_number":745,"context_line":"  Starting from the 2023.2 (Bobcat) release, in case you want to restrict the"},{"line_number":746,"context_line":"  visibility of the sensible fields (``access_to`` and ``access_key``), or"},{"line_number":747,"context_line":"  avoid the access rule being deleted by other user, you can specify"},{"line_number":748,"context_line":"  ``--lock-visibility`` and ``--lock-deletion`` in the Manila OpenStack command"},{"line_number":749,"context_line":"  for creating access rules. A reason (``--lock-reason``) can also be provided."},{"line_number":750,"context_line":"  Only the user that placed the lock, system administrators and services will"}],"source_content_type":"text/x-rst","patch_set":18,"id":"c9fe4716_6d1d0662","line":747,"range":{"start_line":747,"start_character":47,"end_line":747,"end_character":51},"in_reply_to":"5aad19ab_ea75b55f","updated":"2023-08-23 15:13:47.000000000","message":"Done","commit_id":"7d2c0a3d39debfa9822baa28f135b43ba6ff4276"},{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"300dc9102fe2eca87c1e17f4e443995dba9d9221","unresolved":true,"context_lines":[{"line_number":743,"context_line":".. tip::"},{"line_number":744,"context_line":""},{"line_number":745,"context_line":"  Starting from the 2023.2 (Bobcat) release, in case you want to restrict the"},{"line_number":746,"context_line":"  visibility of the sensible fields (``access_to`` and ``access_key``), or"},{"line_number":747,"context_line":"  avoid the access rule being deleted by other users, you can specify"},{"line_number":748,"context_line":"  ``--lock-visibility`` and ``--lock-deletion`` in the Manila OpenStack command"},{"line_number":749,"context_line":"  for creating access rules. A reason (``--lock-reason``) can also be provided."}],"source_content_type":"text/x-rst","patch_set":20,"id":"c8f40c30_c8584e51","line":746,"range":{"start_line":746,"start_character":20,"end_line":746,"end_character":28},"updated":"2023-08-23 23:20:18.000000000","message":"\"sensitive\"","commit_id":"8f77d88da8c91a1b5f39da7a621152b3b7e98492"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"288b0913878f3112b5d37231e4ce9d8b2b8a1454","unresolved":false,"context_lines":[{"line_number":743,"context_line":".. tip::"},{"line_number":744,"context_line":""},{"line_number":745,"context_line":"  Starting from the 2023.2 (Bobcat) release, in case you want to restrict the"},{"line_number":746,"context_line":"  visibility of the sensible fields (``access_to`` and ``access_key``), or"},{"line_number":747,"context_line":"  avoid the access rule being deleted by other users, you can specify"},{"line_number":748,"context_line":"  ``--lock-visibility`` and ``--lock-deletion`` in the Manila OpenStack command"},{"line_number":749,"context_line":"  for creating access rules. A reason (``--lock-reason``) can also be provided."}],"source_content_type":"text/x-rst","patch_set":20,"id":"46fffe92_41ae0925","line":746,"range":{"start_line":746,"start_character":20,"end_line":746,"end_character":28},"in_reply_to":"c8f40c30_c8584e51","updated":"2023-08-24 17:55:19.000000000","message":"Done","commit_id":"8f77d88da8c91a1b5f39da7a621152b3b7e98492"},{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"300dc9102fe2eca87c1e17f4e443995dba9d9221","unresolved":true,"context_lines":[{"line_number":748,"context_line":"  ``--lock-visibility`` and ``--lock-deletion`` in the Manila OpenStack command"},{"line_number":749,"context_line":"  for creating access rules. A reason (``--lock-reason``) can also be provided."},{"line_number":750,"context_line":"  Only the user that placed the lock, system administrators and services will"},{"line_number":751,"context_line":"  be able to manipulate such access rules."},{"line_number":752,"context_line":""},{"line_number":753,"context_line":"To verify that the access rules (ACL) were configured correctly for a share,"},{"line_number":754,"context_line":"you list permissions for a share:"}],"source_content_type":"text/x-rst","patch_set":20,"id":"11528e7b_e16c6b77","line":751,"range":{"start_line":751,"start_character":12,"end_line":751,"end_character":42},"updated":"2023-08-23 23:20:18.000000000","message":"view sensitive fields of, or manipulate such access rules by virtue of default RBAC.","commit_id":"8f77d88da8c91a1b5f39da7a621152b3b7e98492"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"288b0913878f3112b5d37231e4ce9d8b2b8a1454","unresolved":false,"context_lines":[{"line_number":748,"context_line":"  ``--lock-visibility`` and ``--lock-deletion`` in the Manila OpenStack command"},{"line_number":749,"context_line":"  for creating access rules. A reason (``--lock-reason``) can also be provided."},{"line_number":750,"context_line":"  Only the user that placed the lock, system administrators and services will"},{"line_number":751,"context_line":"  be able to manipulate such access rules."},{"line_number":752,"context_line":""},{"line_number":753,"context_line":"To verify that the access rules (ACL) were configured correctly for a share,"},{"line_number":754,"context_line":"you list permissions for a share:"}],"source_content_type":"text/x-rst","patch_set":20,"id":"1b88ae9a_4ff1b0a1","line":751,"range":{"start_line":751,"start_character":12,"end_line":751,"end_character":42},"in_reply_to":"11528e7b_e16c6b77","updated":"2023-08-24 17:55:19.000000000","message":"Done","commit_id":"8f77d88da8c91a1b5f39da7a621152b3b7e98492"}],"doc/source/user/create-and-manage-shares.rst":[{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"d3284491307594adc91d941509ba7d941b4d8c11","unresolved":true,"context_lines":[{"line_number":442,"context_line":"  ``--lock-visibility`` and ``--lock-deletion`` in the Manila OpenStack command"},{"line_number":443,"context_line":"  for creating access rules. A reason (``--lock-reason``) can also be provided."},{"line_number":444,"context_line":"  Only the user that placed the lock, system administrators and services will"},{"line_number":445,"context_line":"  be able to manipulate such access rules."},{"line_number":446,"context_line":""},{"line_number":447,"context_line":"* List access."},{"line_number":448,"context_line":""}],"source_content_type":"text/x-rst","patch_set":18,"id":"bad28327_a7c65a7a","line":445,"range":{"start_line":445,"start_character":41,"end_line":445,"end_character":42},"updated":"2023-08-21 22:36:57.000000000","message":"This would be easier if the doc here used OSC.. we can probably clean this up in a new change","commit_id":"7d2c0a3d39debfa9822baa28f135b43ba6ff4276"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"ee7cea4c23440980cf8e39983610165ee537e314","unresolved":false,"context_lines":[{"line_number":442,"context_line":"  ``--lock-visibility`` and ``--lock-deletion`` in the Manila OpenStack command"},{"line_number":443,"context_line":"  for creating access rules. A reason (``--lock-reason``) can also be provided."},{"line_number":444,"context_line":"  Only the user that placed the lock, system administrators and services will"},{"line_number":445,"context_line":"  be able to manipulate such access rules."},{"line_number":446,"context_line":""},{"line_number":447,"context_line":"* List access."},{"line_number":448,"context_line":""}],"source_content_type":"text/x-rst","patch_set":18,"id":"724bec3c_b13aa9ea","line":445,"range":{"start_line":445,"start_character":41,"end_line":445,"end_character":42},"in_reply_to":"bad28327_a7c65a7a","updated":"2023-08-23 15:13:47.000000000","message":"Ack","commit_id":"7d2c0a3d39debfa9822baa28f135b43ba6ff4276"},{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"300dc9102fe2eca87c1e17f4e443995dba9d9221","unresolved":true,"context_lines":[{"line_number":434,"context_line":"     | metadata     | {}                                   |"},{"line_number":435,"context_line":"     +--------------+--------------------------------------+"},{"line_number":436,"context_line":""},{"line_number":437,"context_line":".. tip::"},{"line_number":438,"context_line":""},{"line_number":439,"context_line":"  Starting from the 2023.2 (Bobcat) release, in case you want to restrict the"},{"line_number":440,"context_line":"  visibility of the sensible fields (``access_to`` and ``access_key``), or"}],"source_content_type":"text/x-rst","patch_set":20,"id":"41e597ca_a2f262e7","line":437,"range":{"start_line":437,"start_character":0,"end_line":437,"end_character":8},"updated":"2023-08-23 23:20:18.000000000","message":"this shows up in the \"read only\" rules section.... perhaps add a topic called \"Grant and revoke share access\" above both types of access and move this tip there; you could demote the current headings to a lower level.. or just make them bold..","commit_id":"8f77d88da8c91a1b5f39da7a621152b3b7e98492"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"288b0913878f3112b5d37231e4ce9d8b2b8a1454","unresolved":false,"context_lines":[{"line_number":434,"context_line":"     | metadata     | {}                                   |"},{"line_number":435,"context_line":"     +--------------+--------------------------------------+"},{"line_number":436,"context_line":""},{"line_number":437,"context_line":".. tip::"},{"line_number":438,"context_line":""},{"line_number":439,"context_line":"  Starting from the 2023.2 (Bobcat) release, in case you want to restrict the"},{"line_number":440,"context_line":"  visibility of the sensible fields (``access_to`` and ``access_key``), or"}],"source_content_type":"text/x-rst","patch_set":20,"id":"77b00be2_ba99855c","line":437,"range":{"start_line":437,"start_character":0,"end_line":437,"end_character":8},"in_reply_to":"41e597ca_a2f262e7","updated":"2023-08-24 17:55:19.000000000","message":"Done","commit_id":"8f77d88da8c91a1b5f39da7a621152b3b7e98492"},{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"300dc9102fe2eca87c1e17f4e443995dba9d9221","unresolved":true,"context_lines":[{"line_number":437,"context_line":".. tip::"},{"line_number":438,"context_line":""},{"line_number":439,"context_line":"  Starting from the 2023.2 (Bobcat) release, in case you want to restrict the"},{"line_number":440,"context_line":"  visibility of the sensible fields (``access_to`` and ``access_key``), or"},{"line_number":441,"context_line":"  avoid the access rule being deleted by other user, you can specify"},{"line_number":442,"context_line":"  ``--lock-visibility`` and ``--lock-deletion`` in the Manila OpenStack command"},{"line_number":443,"context_line":"  for creating access rules. A reason (``--lock-reason``) can also be provided."}],"source_content_type":"text/x-rst","patch_set":20,"id":"b5a3723b_5e3fd0e4","line":440,"range":{"start_line":440,"start_character":20,"end_line":440,"end_character":28},"updated":"2023-08-23 23:20:18.000000000","message":"sensitive","commit_id":"8f77d88da8c91a1b5f39da7a621152b3b7e98492"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"288b0913878f3112b5d37231e4ce9d8b2b8a1454","unresolved":false,"context_lines":[{"line_number":437,"context_line":".. tip::"},{"line_number":438,"context_line":""},{"line_number":439,"context_line":"  Starting from the 2023.2 (Bobcat) release, in case you want to restrict the"},{"line_number":440,"context_line":"  visibility of the sensible fields (``access_to`` and ``access_key``), or"},{"line_number":441,"context_line":"  avoid the access rule being deleted by other user, you can specify"},{"line_number":442,"context_line":"  ``--lock-visibility`` and ``--lock-deletion`` in the Manila OpenStack command"},{"line_number":443,"context_line":"  for creating access rules. A reason (``--lock-reason``) can also be provided."}],"source_content_type":"text/x-rst","patch_set":20,"id":"2e180e96_2ddded20","line":440,"range":{"start_line":440,"start_character":20,"end_line":440,"end_character":28},"in_reply_to":"b5a3723b_5e3fd0e4","updated":"2023-08-24 17:55:19.000000000","message":"Done","commit_id":"8f77d88da8c91a1b5f39da7a621152b3b7e98492"},{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"300dc9102fe2eca87c1e17f4e443995dba9d9221","unresolved":true,"context_lines":[{"line_number":438,"context_line":""},{"line_number":439,"context_line":"  Starting from the 2023.2 (Bobcat) release, in case you want to restrict the"},{"line_number":440,"context_line":"  visibility of the sensible fields (``access_to`` and ``access_key``), or"},{"line_number":441,"context_line":"  avoid the access rule being deleted by other user, you can specify"},{"line_number":442,"context_line":"  ``--lock-visibility`` and ``--lock-deletion`` in the Manila OpenStack command"},{"line_number":443,"context_line":"  for creating access rules. A reason (``--lock-reason``) can also be provided."},{"line_number":444,"context_line":"  Only the user that placed the lock, system administrators and services will"}],"source_content_type":"text/x-rst","patch_set":20,"id":"7899c53b_ec6e2148","line":441,"range":{"start_line":441,"start_character":47,"end_line":441,"end_character":51},"updated":"2023-08-23 23:20:18.000000000","message":"nit: users","commit_id":"8f77d88da8c91a1b5f39da7a621152b3b7e98492"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"288b0913878f3112b5d37231e4ce9d8b2b8a1454","unresolved":false,"context_lines":[{"line_number":438,"context_line":""},{"line_number":439,"context_line":"  Starting from the 2023.2 (Bobcat) release, in case you want to restrict the"},{"line_number":440,"context_line":"  visibility of the sensible fields (``access_to`` and ``access_key``), or"},{"line_number":441,"context_line":"  avoid the access rule being deleted by other user, you can specify"},{"line_number":442,"context_line":"  ``--lock-visibility`` and ``--lock-deletion`` in the Manila OpenStack command"},{"line_number":443,"context_line":"  for creating access rules. A reason (``--lock-reason``) can also be provided."},{"line_number":444,"context_line":"  Only the user that placed the lock, system administrators and services will"}],"source_content_type":"text/x-rst","patch_set":20,"id":"91c1fe2d_36829aaf","line":441,"range":{"start_line":441,"start_character":47,"end_line":441,"end_character":51},"in_reply_to":"7899c53b_ec6e2148","updated":"2023-08-24 17:55:19.000000000","message":"Done","commit_id":"8f77d88da8c91a1b5f39da7a621152b3b7e98492"},{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"300dc9102fe2eca87c1e17f4e443995dba9d9221","unresolved":true,"context_lines":[{"line_number":461,"context_line":".. note::"},{"line_number":462,"context_line":""},{"line_number":463,"context_line":"  In case one or more access rules had its visibility locked, you might not be"},{"line_number":464,"context_line":"  able to see the content of the fields containing sensible information"},{"line_number":465,"context_line":"  (``access_to`` and ``access_key``)."},{"line_number":466,"context_line":""},{"line_number":467,"context_line":"Update access rules metadata"}],"source_content_type":"text/x-rst","patch_set":20,"id":"45e445b1_23026a2b","line":464,"range":{"start_line":464,"start_character":51,"end_line":464,"end_character":59},"updated":"2023-08-23 23:20:18.000000000","message":"sensitive !\u003d sensible :)","commit_id":"8f77d88da8c91a1b5f39da7a621152b3b7e98492"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"288b0913878f3112b5d37231e4ce9d8b2b8a1454","unresolved":false,"context_lines":[{"line_number":461,"context_line":".. note::"},{"line_number":462,"context_line":""},{"line_number":463,"context_line":"  In case one or more access rules had its visibility locked, you might not be"},{"line_number":464,"context_line":"  able to see the content of the fields containing sensible information"},{"line_number":465,"context_line":"  (``access_to`` and ``access_key``)."},{"line_number":466,"context_line":""},{"line_number":467,"context_line":"Update access rules metadata"}],"source_content_type":"text/x-rst","patch_set":20,"id":"9084a37d_e98ea709","line":464,"range":{"start_line":464,"start_character":51,"end_line":464,"end_character":59},"in_reply_to":"45e445b1_23026a2b","updated":"2023-08-24 17:55:19.000000000","message":"Done. Issue with translation in my brain when doing portuguese -\u003e english, sorry 😄","commit_id":"8f77d88da8c91a1b5f39da7a621152b3b7e98492"}],"manila/api/openstack/api_version_request.py":[{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"f0d67295b59f5d20d171eee2e87f0f83de2b1160","unresolved":true,"context_lines":[{"line_number":203,"context_line":"# The default api version request is defined to be the"},{"line_number":204,"context_line":"# minimum version of the API supported."},{"line_number":205,"context_line":"_MIN_API_VERSION \u003d \"2.0\""},{"line_number":206,"context_line":"_MAX_API_VERSION \u003d \"2.79\""},{"line_number":207,"context_line":"DEFAULT_API_VERSION \u003d _MIN_API_VERSION"},{"line_number":208,"context_line":""},{"line_number":209,"context_line":""}],"source_content_type":"text/x-python","patch_set":3,"id":"deb8b948_81e9c455","line":206,"range":{"start_line":206,"start_character":22,"end_line":206,"end_character":24},"updated":"2023-07-14 11:50:40.000000000","message":"bump this :D","commit_id":"a5c45f6cf9e5a80869a33d179e5cab910e4e961a"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"b1d27f1b75afa25d373b6176770292009a84156c","unresolved":false,"context_lines":[{"line_number":203,"context_line":"# The default api version request is defined to be the"},{"line_number":204,"context_line":"# minimum version of the API supported."},{"line_number":205,"context_line":"_MIN_API_VERSION \u003d \"2.0\""},{"line_number":206,"context_line":"_MAX_API_VERSION \u003d \"2.79\""},{"line_number":207,"context_line":"DEFAULT_API_VERSION \u003d _MIN_API_VERSION"},{"line_number":208,"context_line":""},{"line_number":209,"context_line":""}],"source_content_type":"text/x-python","patch_set":3,"id":"bcbf6f28_807a930e","line":206,"range":{"start_line":206,"start_character":22,"end_line":206,"end_character":24},"in_reply_to":"deb8b948_81e9c455","updated":"2023-07-26 10:39:55.000000000","message":"Done","commit_id":"a5c45f6cf9e5a80869a33d179e5cab910e4e961a"}],"manila/api/openstack/rest_api_version_history.rst":[{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"7d4fc3edb046b39a24d9b3a8dd0bfd902fec9161","unresolved":true,"context_lines":[{"line_number":440,"context_line":"2.81"},{"line_number":441,"context_line":"----"},{"line_number":442,"context_line":"  Introduce the ability to lock access rules and restrict the visibility of"},{"line_number":443,"context_line":"  sensible fields."}],"source_content_type":"text/x-rst","patch_set":13,"id":"839e82e4_98651502","line":443,"range":{"start_line":443,"start_character":2,"end_line":443,"end_character":10},"updated":"2023-08-01 23:46:59.000000000","message":"sensitive","commit_id":"73ec6aae514208bd99cf659bbe48d4022e3be1ea"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"f7d5dbbdccbe8583ca82bd57b3796f844b7e73dd","unresolved":false,"context_lines":[{"line_number":440,"context_line":"2.81"},{"line_number":441,"context_line":"----"},{"line_number":442,"context_line":"  Introduce the ability to lock access rules and restrict the visibility of"},{"line_number":443,"context_line":"  sensible fields."}],"source_content_type":"text/x-rst","patch_set":13,"id":"b3ab8d49_60c5e6e2","line":443,"range":{"start_line":443,"start_character":2,"end_line":443,"end_character":10},"in_reply_to":"839e82e4_98651502","updated":"2023-08-03 15:15:36.000000000","message":"Done","commit_id":"73ec6aae514208bd99cf659bbe48d4022e3be1ea"}],"manila/api/v1/shares.py":[{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"7d4fc3edb046b39a24d9b3a8dd0bfd902fec9161","unresolved":true,"context_lines":[{"line_number":505,"context_line":"            access[\u0027project_id\u0027] \u003d context.project_id"},{"line_number":506,"context_line":"            access[\u0027user_id\u0027] \u003d context.user_id"},{"line_number":507,"context_line":""},{"line_number":508,"context_line":"        if restrict_visibility:"},{"line_number":509,"context_line":"            self.resource_locks_api.create("},{"line_number":510,"context_line":"                context, resource_id\u003daccess[\u0027id\u0027], resource_type\u003d\u0027access_rule\u0027,"},{"line_number":511,"context_line":"                resource_action\u003dconstants.RESOURCE_ACTION_SHOW,"},{"line_number":512,"context_line":"                resource\u003daccess)"},{"line_number":513,"context_line":"        if restrict_deletion:"},{"line_number":514,"context_line":"            self.resource_locks_api.create("},{"line_number":515,"context_line":"                context, resource_id\u003daccess[\u0027id\u0027], resource_type\u003d\u0027access_rule\u0027,"},{"line_number":516,"context_line":"                resource_action\u003dconstants.RESOURCE_ACTION_DELETE,"},{"line_number":517,"context_line":"                resource\u003daccess)"},{"line_number":518,"context_line":""},{"line_number":519,"context_line":"        return self._access_view_builder.view(req, access)"},{"line_number":520,"context_line":""}],"source_content_type":"text/x-python","patch_set":13,"id":"77569ece_53df6090","line":517,"range":{"start_line":508,"start_character":8,"end_line":517,"end_character":32},"updated":"2023-08-01 23:46:59.000000000","message":"try..except just in case; \n\nwe should also decide how to handle failures here:\none option would be to return HTTP400; but ensure to return access[\u0027id\u0027] as well as the request ID for further triage;\n\nanother option would be to create the locks in share/api prior to saving the access rule in the DB and perform a rollback of any partially created locks if something doesn\u0027t work out.","commit_id":"73ec6aae514208bd99cf659bbe48d4022e3be1ea"},{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"4b2db066c330049b0aaeb38e4b06624411a9470c","unresolved":true,"context_lines":[{"line_number":505,"context_line":"            access[\u0027project_id\u0027] \u003d context.project_id"},{"line_number":506,"context_line":"            access[\u0027user_id\u0027] \u003d context.user_id"},{"line_number":507,"context_line":""},{"line_number":508,"context_line":"        if restrict_visibility:"},{"line_number":509,"context_line":"            self.resource_locks_api.create("},{"line_number":510,"context_line":"                context, resource_id\u003daccess[\u0027id\u0027], resource_type\u003d\u0027access_rule\u0027,"},{"line_number":511,"context_line":"                resource_action\u003dconstants.RESOURCE_ACTION_SHOW,"},{"line_number":512,"context_line":"                resource\u003daccess)"},{"line_number":513,"context_line":"        if restrict_deletion:"},{"line_number":514,"context_line":"            self.resource_locks_api.create("},{"line_number":515,"context_line":"                context, resource_id\u003daccess[\u0027id\u0027], resource_type\u003d\u0027access_rule\u0027,"},{"line_number":516,"context_line":"                resource_action\u003dconstants.RESOURCE_ACTION_DELETE,"},{"line_number":517,"context_line":"                resource\u003daccess)"},{"line_number":518,"context_line":""},{"line_number":519,"context_line":"        return self._access_view_builder.view(req, access)"},{"line_number":520,"context_line":""}],"source_content_type":"text/x-python","patch_set":13,"id":"b00e479d_672e1372","line":517,"range":{"start_line":508,"start_character":8,"end_line":517,"end_character":32},"in_reply_to":"142dea9b_3e02ca43","updated":"2023-08-04 00:00:33.000000000","message":"an option would be to make this a joint db transaction..","commit_id":"73ec6aae514208bd99cf659bbe48d4022e3be1ea"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"f7d5dbbdccbe8583ca82bd57b3796f844b7e73dd","unresolved":true,"context_lines":[{"line_number":505,"context_line":"            access[\u0027project_id\u0027] \u003d context.project_id"},{"line_number":506,"context_line":"            access[\u0027user_id\u0027] \u003d context.user_id"},{"line_number":507,"context_line":""},{"line_number":508,"context_line":"        if restrict_visibility:"},{"line_number":509,"context_line":"            self.resource_locks_api.create("},{"line_number":510,"context_line":"                context, resource_id\u003daccess[\u0027id\u0027], resource_type\u003d\u0027access_rule\u0027,"},{"line_number":511,"context_line":"                resource_action\u003dconstants.RESOURCE_ACTION_SHOW,"},{"line_number":512,"context_line":"                resource\u003daccess)"},{"line_number":513,"context_line":"        if restrict_deletion:"},{"line_number":514,"context_line":"            self.resource_locks_api.create("},{"line_number":515,"context_line":"                context, resource_id\u003daccess[\u0027id\u0027], resource_type\u003d\u0027access_rule\u0027,"},{"line_number":516,"context_line":"                resource_action\u003dconstants.RESOURCE_ACTION_DELETE,"},{"line_number":517,"context_line":"                resource\u003daccess)"},{"line_number":518,"context_line":""},{"line_number":519,"context_line":"        return self._access_view_builder.view(req, access)"},{"line_number":520,"context_line":""}],"source_content_type":"text/x-python","patch_set":13,"id":"142dea9b_3e02ca43","line":517,"range":{"start_line":508,"start_character":8,"end_line":517,"end_character":32},"in_reply_to":"77569ece_53df6090","updated":"2023-08-03 15:15:36.000000000","message":"\u003e another option would be to create the locks in share/api prior to saving the access rule in the DB and perform a rollback of any partially created locks if something doesn\u0027t work out.\n\nWe\u0027d need the resource_id for the lock creation, so that\u0027s why the lock must be placed after the access creation in the database :/\n\nWhat we could do though is move the locks creation right after the database access create call and perform rollbacks if needed in the share/api, but there are also other operations that could fail (i.e. the steps on allow_access_to_instance), and that would make the rollback more confusing, as the exception would be caught on this side, and this side would not have knowledge on the locks whatsoever.\n\nThat\u0027s the reason why I placed the lock creations in the API. At this point we are sure that everything went fine with the access creation so far.\n\nI\u0027ll do the try/except with a rollback of the locks here, but there is something else though:\n\n- Supposing that entire access creation went fine and the rule is already being applied in the backend and only the locks placement failed, I\u0027m okay raising bad request with a message, but it could be confusing to the users to see their access rules in an active state and receiving a 400 at the same time.\n\nI\u0027ll make some changes, but let\u0027s keep discussing this :)","commit_id":"73ec6aae514208bd99cf659bbe48d4022e3be1ea"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"288b0913878f3112b5d37231e4ce9d8b2b8a1454","unresolved":false,"context_lines":[{"line_number":505,"context_line":"            access[\u0027project_id\u0027] \u003d context.project_id"},{"line_number":506,"context_line":"            access[\u0027user_id\u0027] \u003d context.user_id"},{"line_number":507,"context_line":""},{"line_number":508,"context_line":"        if restrict_visibility:"},{"line_number":509,"context_line":"            self.resource_locks_api.create("},{"line_number":510,"context_line":"                context, resource_id\u003daccess[\u0027id\u0027], resource_type\u003d\u0027access_rule\u0027,"},{"line_number":511,"context_line":"                resource_action\u003dconstants.RESOURCE_ACTION_SHOW,"},{"line_number":512,"context_line":"                resource\u003daccess)"},{"line_number":513,"context_line":"        if restrict_deletion:"},{"line_number":514,"context_line":"            self.resource_locks_api.create("},{"line_number":515,"context_line":"                context, resource_id\u003daccess[\u0027id\u0027], resource_type\u003d\u0027access_rule\u0027,"},{"line_number":516,"context_line":"                resource_action\u003dconstants.RESOURCE_ACTION_DELETE,"},{"line_number":517,"context_line":"                resource\u003daccess)"},{"line_number":518,"context_line":""},{"line_number":519,"context_line":"        return self._access_view_builder.view(req, access)"},{"line_number":520,"context_line":""}],"source_content_type":"text/x-python","patch_set":13,"id":"04e20578_907383be","line":517,"range":{"start_line":508,"start_character":8,"end_line":517,"end_character":32},"in_reply_to":"b00e479d_672e1372","updated":"2023-08-24 17:55:19.000000000","message":"Done","commit_id":"73ec6aae514208bd99cf659bbe48d4022e3be1ea"},{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"7d4fc3edb046b39a24d9b3a8dd0bfd902fec9161","unresolved":true,"context_lines":[{"line_number":530,"context_line":"        }"},{"line_number":531,"context_line":""},{"line_number":532,"context_line":"        locks, count \u003d ("},{"line_number":533,"context_line":"            self.resource_locks_api.get_all("},{"line_number":534,"context_line":"                context, search_opts\u003dsearch_opts) or [])"},{"line_number":535,"context_line":""},{"line_number":536,"context_line":"        # no locks placed, nothing to do"},{"line_number":537,"context_line":"        if not locks:"}],"source_content_type":"text/x-python","patch_set":13,"id":"3346fd41_64a9f913","line":534,"range":{"start_line":533,"start_character":22,"end_line":534,"end_character":56},"updated":"2023-08-01 23:46:59.000000000","message":"nit: wrapping\n\n```\n   locks, count \u003d (\n       self.resource_locks_api.get_all(\n                context, search_opts\u003dsearch_opts) or []\n   )\n```","commit_id":"73ec6aae514208bd99cf659bbe48d4022e3be1ea"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"f7d5dbbdccbe8583ca82bd57b3796f844b7e73dd","unresolved":false,"context_lines":[{"line_number":530,"context_line":"        }"},{"line_number":531,"context_line":""},{"line_number":532,"context_line":"        locks, count \u003d ("},{"line_number":533,"context_line":"            self.resource_locks_api.get_all("},{"line_number":534,"context_line":"                context, search_opts\u003dsearch_opts) or [])"},{"line_number":535,"context_line":""},{"line_number":536,"context_line":"        # no locks placed, nothing to do"},{"line_number":537,"context_line":"        if not locks:"}],"source_content_type":"text/x-python","patch_set":13,"id":"79c06fd6_9d7b1e0b","line":534,"range":{"start_line":533,"start_character":22,"end_line":534,"end_character":56},"in_reply_to":"3346fd41_64a9f913","updated":"2023-08-03 15:15:36.000000000","message":"Done","commit_id":"73ec6aae514208bd99cf659bbe48d4022e3be1ea"},{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"7d4fc3edb046b39a24d9b3a8dd0bfd902fec9161","unresolved":true,"context_lines":[{"line_number":537,"context_line":"        if not locks:"},{"line_number":538,"context_line":"            return"},{"line_number":539,"context_line":""},{"line_number":540,"context_line":"        locks_count \u003d len(locks)"},{"line_number":541,"context_line":""},{"line_number":542,"context_line":"        def raise_rule_is_locked(share_id):"},{"line_number":543,"context_line":"            msg \u003d _("}],"source_content_type":"text/x-python","patch_set":13,"id":"4e51a895_4463ad34","line":540,"range":{"start_line":540,"start_character":8,"end_line":540,"end_character":32},"updated":"2023-08-01 23:46:59.000000000","message":"rename \"count\" on line 532 to \"locks_count\" instead","commit_id":"73ec6aae514208bd99cf659bbe48d4022e3be1ea"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"f7d5dbbdccbe8583ca82bd57b3796f844b7e73dd","unresolved":false,"context_lines":[{"line_number":537,"context_line":"        if not locks:"},{"line_number":538,"context_line":"            return"},{"line_number":539,"context_line":""},{"line_number":540,"context_line":"        locks_count \u003d len(locks)"},{"line_number":541,"context_line":""},{"line_number":542,"context_line":"        def raise_rule_is_locked(share_id):"},{"line_number":543,"context_line":"            msg \u003d _("}],"source_content_type":"text/x-python","patch_set":13,"id":"6a0baed6_6e401d23","line":540,"range":{"start_line":540,"start_character":8,"end_line":540,"end_character":32},"in_reply_to":"4e51a895_4463ad34","updated":"2023-08-03 15:15:36.000000000","message":"Done","commit_id":"73ec6aae514208bd99cf659bbe48d4022e3be1ea"},{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"7d4fc3edb046b39a24d9b3a8dd0bfd902fec9161","unresolved":true,"context_lines":[{"line_number":547,"context_line":"            raise exc.HTTPForbidden(explanation\u003dmsg)"},{"line_number":548,"context_line":""},{"line_number":549,"context_line":"        # restrict_deletion and restrict_visibility end up creating two locks"},{"line_number":550,"context_line":"        if locks_count \u003c 3 and unrestrict:"},{"line_number":551,"context_line":"            locked_actions \u003d []"},{"line_number":552,"context_line":""},{"line_number":553,"context_line":"            for lock in locks:"}],"source_content_type":"text/x-python","patch_set":13,"id":"7e16c759_fbed2299","line":550,"range":{"start_line":550,"start_character":8,"end_line":550,"end_character":27},"updated":"2023-08-01 23:46:59.000000000","message":"reading this made me think of something; \n\nunlike other kind of locks, the same access rule cannot really be locked by different users using different locks. We should prevent this, because:\n\nLets say user `xyz` creates a visibility lock, this should mean that only `xyz` should be able to view access rule data. If user `abc` tries to read the access rule, they\u0027ll see the protected fields set to \"******\". There\u0027s no point in allowing `abc` to lock the same access rule. They can\u0027t see the rule\u0027s sensitive data because of `xyz`\u0027s lock.  \n\nThe same logic can be applied to deletion as well. If an access rule is locked for deletion by user `xyz`, what\u0027s the point of allowing `abc` to further lock it? \n\nwdyt?\n\nif you agree, we should probably add this restriction in the resource-locks create API so people don\u0027t trip up on this","commit_id":"73ec6aae514208bd99cf659bbe48d4022e3be1ea"},{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"6febaf87257992fad22211610548a1816a1a02a8","unresolved":true,"context_lines":[{"line_number":547,"context_line":"            raise exc.HTTPForbidden(explanation\u003dmsg)"},{"line_number":548,"context_line":""},{"line_number":549,"context_line":"        # restrict_deletion and restrict_visibility end up creating two locks"},{"line_number":550,"context_line":"        if locks_count \u003c 3 and unrestrict:"},{"line_number":551,"context_line":"            locked_actions \u003d []"},{"line_number":552,"context_line":""},{"line_number":553,"context_line":"            for lock in locks:"}],"source_content_type":"text/x-python","patch_set":13,"id":"a7f5791f_f0e608a4","line":550,"range":{"start_line":550,"start_character":8,"end_line":550,"end_character":27},"in_reply_to":"7e16c759_fbed2299","updated":"2023-08-02 20:13:47.000000000","message":"I think multiple deletion locks may make sense for nova; but maybe we should restrict there being only one visibility lock?","commit_id":"73ec6aae514208bd99cf659bbe48d4022e3be1ea"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"f7d5dbbdccbe8583ca82bd57b3796f844b7e73dd","unresolved":true,"context_lines":[{"line_number":547,"context_line":"            raise exc.HTTPForbidden(explanation\u003dmsg)"},{"line_number":548,"context_line":""},{"line_number":549,"context_line":"        # restrict_deletion and restrict_visibility end up creating two locks"},{"line_number":550,"context_line":"        if locks_count \u003c 3 and unrestrict:"},{"line_number":551,"context_line":"            locked_actions \u003d []"},{"line_number":552,"context_line":""},{"line_number":553,"context_line":"            for lock in locks:"}],"source_content_type":"text/x-python","patch_set":13,"id":"e1a852eb_810bc09b","line":550,"range":{"start_line":550,"start_character":8,"end_line":550,"end_character":27},"in_reply_to":"a7f5791f_f0e608a4","updated":"2023-08-03 15:15:36.000000000","message":"\u003e I think multiple deletion locks may make sense for nova; but maybe we should restrict there being only one visibility lock?\n\n++","commit_id":"73ec6aae514208bd99cf659bbe48d4022e3be1ea"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"ee7cea4c23440980cf8e39983610165ee537e314","unresolved":false,"context_lines":[{"line_number":547,"context_line":"            raise exc.HTTPForbidden(explanation\u003dmsg)"},{"line_number":548,"context_line":""},{"line_number":549,"context_line":"        # restrict_deletion and restrict_visibility end up creating two locks"},{"line_number":550,"context_line":"        if locks_count \u003c 3 and unrestrict:"},{"line_number":551,"context_line":"            locked_actions \u003d []"},{"line_number":552,"context_line":""},{"line_number":553,"context_line":"            for lock in locks:"}],"source_content_type":"text/x-python","patch_set":13,"id":"87ed462b_ead61c15","line":550,"range":{"start_line":550,"start_character":8,"end_line":550,"end_character":27},"in_reply_to":"e1a852eb_810bc09b","updated":"2023-08-23 15:13:47.000000000","message":"Done","commit_id":"73ec6aae514208bd99cf659bbe48d4022e3be1ea"},{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"7d4fc3edb046b39a24d9b3a8dd0bfd902fec9161","unresolved":true,"context_lines":[{"line_number":578,"context_line":""},{"line_number":579,"context_line":"    @wsgi.Controller.authorize(\u0027deny_access\u0027)"},{"line_number":580,"context_line":"    def _deny_access(self, req, id, body, allow_on_error_state\u003dFalse,"},{"line_number":581,"context_line":"                     check_for_locks\u003dFalse):"},{"line_number":582,"context_line":"        \"\"\"Remove share access rule.\"\"\""},{"line_number":583,"context_line":"        context \u003d req.environ[\u0027manila.context\u0027]"},{"line_number":584,"context_line":""}],"source_content_type":"text/x-python","patch_set":13,"id":"45a24512_b9e66bd2","line":581,"range":{"start_line":581,"start_character":20,"end_line":581,"end_character":42},"updated":"2023-08-01 23:46:59.000000000","message":"you should always check for locks; no matter the API version","commit_id":"73ec6aae514208bd99cf659bbe48d4022e3be1ea"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"f7d5dbbdccbe8583ca82bd57b3796f844b7e73dd","unresolved":false,"context_lines":[{"line_number":578,"context_line":""},{"line_number":579,"context_line":"    @wsgi.Controller.authorize(\u0027deny_access\u0027)"},{"line_number":580,"context_line":"    def _deny_access(self, req, id, body, allow_on_error_state\u003dFalse,"},{"line_number":581,"context_line":"                     check_for_locks\u003dFalse):"},{"line_number":582,"context_line":"        \"\"\"Remove share access rule.\"\"\""},{"line_number":583,"context_line":"        context \u003d req.environ[\u0027manila.context\u0027]"},{"line_number":584,"context_line":""}],"source_content_type":"text/x-python","patch_set":13,"id":"7a4c4e22_078d64f4","line":581,"range":{"start_line":581,"start_character":20,"end_line":581,"end_character":42},"in_reply_to":"45a24512_b9e66bd2","updated":"2023-08-03 15:15:36.000000000","message":"Ack","commit_id":"73ec6aae514208bd99cf659bbe48d4022e3be1ea"},{"author":{"_account_id":35677,"name":"Thiago José de Andrade Alvoravel","display_name":"Thiago Alvoravel","email":"thiago.andrade@fit-tecnologia.org.br","username":"thiagoalvoravel"},"change_message_id":"fcc4b0ba28acad5e21737ac55dd42b49ad82b2e4","unresolved":true,"context_lines":[{"line_number":458,"context_line":"        access[\u0027project_id\u0027] \u003d context.project_id"},{"line_number":459,"context_line":"        access[\u0027user_id\u0027] \u003d context.user_id"},{"line_number":460,"context_line":""},{"line_number":461,"context_line":"        def raise_lock_failed(access, lock_action):"},{"line_number":462,"context_line":"            word_mapping \u003d {"},{"line_number":463,"context_line":"                constants.RESOURCE_ACTION_SHOW: \u0027visibility\u0027,"},{"line_number":464,"context_line":"                constants.RESOURCE_ACTION_DELETE: \u0027deletion\u0027"},{"line_number":465,"context_line":"            }"},{"line_number":466,"context_line":"            msg \u003d _(\"Failed to lock the %(action)s of the access rule \""},{"line_number":467,"context_line":"                    \"%(rule)s.\") % {"},{"line_number":468,"context_line":"                \u0027action\u0027: word_mapping[lock_action],"},{"line_number":469,"context_line":"                \u0027rule\u0027: access[\u0027id\u0027]"},{"line_number":470,"context_line":"            }"},{"line_number":471,"context_line":"            raise webob.exc.HTTPBadRequest(explanation\u003dmsg)"},{"line_number":472,"context_line":""},{"line_number":473,"context_line":"        deletion_lock \u003d {}"},{"line_number":474,"context_line":""}],"source_content_type":"text/x-python","patch_set":16,"id":"f0ff4d1f_e2dea259","line":471,"range":{"start_line":461,"start_character":8,"end_line":471,"end_character":59},"updated":"2023-08-09 21:09:19.000000000","message":"It would be good have UT for this negative scenario and last CI result shows it\u0027s not covered [1].\n\n[1] https://d5c706635f0319199535-c862a7cee9789a90e28aadd42eae2397.ssl.cf5.rackcdn.com/887725/16/check/openstack-tox-cover/bf4f33e/cover/d_6c927ce90674746c_shares_py.html#t472","commit_id":"93dc6daba6486b7c8da8be9aab8a2d08b1b5e5f3"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"8aaa5f901f1a4f36911aaa516e063deb025e9cf3","unresolved":false,"context_lines":[{"line_number":458,"context_line":"        access[\u0027project_id\u0027] \u003d context.project_id"},{"line_number":459,"context_line":"        access[\u0027user_id\u0027] \u003d context.user_id"},{"line_number":460,"context_line":""},{"line_number":461,"context_line":"        def raise_lock_failed(access, lock_action):"},{"line_number":462,"context_line":"            word_mapping \u003d {"},{"line_number":463,"context_line":"                constants.RESOURCE_ACTION_SHOW: \u0027visibility\u0027,"},{"line_number":464,"context_line":"                constants.RESOURCE_ACTION_DELETE: \u0027deletion\u0027"},{"line_number":465,"context_line":"            }"},{"line_number":466,"context_line":"            msg \u003d _(\"Failed to lock the %(action)s of the access rule \""},{"line_number":467,"context_line":"                    \"%(rule)s.\") % {"},{"line_number":468,"context_line":"                \u0027action\u0027: word_mapping[lock_action],"},{"line_number":469,"context_line":"                \u0027rule\u0027: access[\u0027id\u0027]"},{"line_number":470,"context_line":"            }"},{"line_number":471,"context_line":"            raise webob.exc.HTTPBadRequest(explanation\u003dmsg)"},{"line_number":472,"context_line":""},{"line_number":473,"context_line":"        deletion_lock \u003d {}"},{"line_number":474,"context_line":""}],"source_content_type":"text/x-python","patch_set":16,"id":"9b8f996a_897fd5bf","line":471,"range":{"start_line":461,"start_character":8,"end_line":471,"end_character":59},"in_reply_to":"f0ff4d1f_e2dea259","updated":"2023-08-18 14:38:40.000000000","message":"Done","commit_id":"93dc6daba6486b7c8da8be9aab8a2d08b1b5e5f3"},{"author":{"_account_id":35677,"name":"Thiago José de Andrade Alvoravel","display_name":"Thiago Alvoravel","email":"thiago.andrade@fit-tecnologia.org.br","username":"thiagoalvoravel"},"change_message_id":"fcc4b0ba28acad5e21737ac55dd42b49ad82b2e4","unresolved":true,"context_lines":[{"line_number":479,"context_line":"                    resource_type\u003d\u0027access_rule\u0027,"},{"line_number":480,"context_line":"                    resource_action\u003dconstants.RESOURCE_ACTION_DELETE,"},{"line_number":481,"context_line":"                    resource\u003daccess, lock_reason\u003dlock_reason)"},{"line_number":482,"context_line":"            except Exception:"},{"line_number":483,"context_line":"                raise_lock_failed(access, constants.RESOURCE_ACTION_DELETE)"},{"line_number":484,"context_line":""},{"line_number":485,"context_line":"        if lock_visibility:"},{"line_number":486,"context_line":"            try:"}],"source_content_type":"text/x-python","patch_set":16,"id":"67fc29d2_bf15d444","line":483,"range":{"start_line":482,"start_character":12,"end_line":483,"end_character":75},"updated":"2023-08-09 21:09:19.000000000","message":"It would be good have UT for this negative scenario and last CI result shows it\u0027s not covered [1].\n\n[1] https://d5c706635f0319199535-c862a7cee9789a90e28aadd42eae2397.ssl.cf5.rackcdn.com/887725/16/check/openstack-tox-cover/bf4f33e/cover/d_6c927ce90674746c_shares_py.html#t493","commit_id":"93dc6daba6486b7c8da8be9aab8a2d08b1b5e5f3"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"8aaa5f901f1a4f36911aaa516e063deb025e9cf3","unresolved":false,"context_lines":[{"line_number":479,"context_line":"                    resource_type\u003d\u0027access_rule\u0027,"},{"line_number":480,"context_line":"                    resource_action\u003dconstants.RESOURCE_ACTION_DELETE,"},{"line_number":481,"context_line":"                    resource\u003daccess, lock_reason\u003dlock_reason)"},{"line_number":482,"context_line":"            except Exception:"},{"line_number":483,"context_line":"                raise_lock_failed(access, constants.RESOURCE_ACTION_DELETE)"},{"line_number":484,"context_line":""},{"line_number":485,"context_line":"        if lock_visibility:"},{"line_number":486,"context_line":"            try:"}],"source_content_type":"text/x-python","patch_set":16,"id":"eb776e99_1cfd27c4","line":483,"range":{"start_line":482,"start_character":12,"end_line":483,"end_character":75},"in_reply_to":"67fc29d2_bf15d444","updated":"2023-08-18 14:38:40.000000000","message":"Done","commit_id":"93dc6daba6486b7c8da8be9aab8a2d08b1b5e5f3"},{"author":{"_account_id":35677,"name":"Thiago José de Andrade Alvoravel","display_name":"Thiago Alvoravel","email":"thiago.andrade@fit-tecnologia.org.br","username":"thiagoalvoravel"},"change_message_id":"fcc4b0ba28acad5e21737ac55dd42b49ad82b2e4","unresolved":true,"context_lines":[{"line_number":489,"context_line":"                    resource_type\u003d\u0027access_rule\u0027,"},{"line_number":490,"context_line":"                    resource_action\u003dconstants.RESOURCE_ACTION_SHOW,"},{"line_number":491,"context_line":"                    resource\u003daccess, lock_reason\u003dlock_reason)"},{"line_number":492,"context_line":"            except Exception:"},{"line_number":493,"context_line":"                # If a deletion lock was placed and the visibility wasn\u0027t,"},{"line_number":494,"context_line":"                # we should rollback the deletion lock."},{"line_number":495,"context_line":"                if deletion_lock:"},{"line_number":496,"context_line":"                    self.resource_locks_api.delete("},{"line_number":497,"context_line":"                        context, deletion_lock[\u0027id\u0027])"},{"line_number":498,"context_line":"                raise_lock_failed(access, constants.RESOURCE_ACTION_SHOW)"},{"line_number":499,"context_line":""},{"line_number":500,"context_line":"    @wsgi.Controller.authorize(\u0027allow_access\u0027)"},{"line_number":501,"context_line":"    def _allow_access(self, req, id, body, enable_ceph\u003dFalse,"}],"source_content_type":"text/x-python","patch_set":16,"id":"586026ca_67974ad3","line":498,"range":{"start_line":492,"start_character":12,"end_line":498,"end_character":73},"updated":"2023-08-09 21:09:19.000000000","message":"It would be good have UT for this negative scenario and last CI result shows it\u0027s not covered [1].\n\n[1] https://d5c706635f0319199535-c862a7cee9789a90e28aadd42eae2397.ssl.cf5.rackcdn.com/887725/16/check/openstack-tox-cover/bf4f33e/cover/d_6c927ce90674746c_shares_py.html#t503","commit_id":"93dc6daba6486b7c8da8be9aab8a2d08b1b5e5f3"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"8aaa5f901f1a4f36911aaa516e063deb025e9cf3","unresolved":false,"context_lines":[{"line_number":489,"context_line":"                    resource_type\u003d\u0027access_rule\u0027,"},{"line_number":490,"context_line":"                    resource_action\u003dconstants.RESOURCE_ACTION_SHOW,"},{"line_number":491,"context_line":"                    resource\u003daccess, lock_reason\u003dlock_reason)"},{"line_number":492,"context_line":"            except Exception:"},{"line_number":493,"context_line":"                # If a deletion lock was placed and the visibility wasn\u0027t,"},{"line_number":494,"context_line":"                # we should rollback the deletion lock."},{"line_number":495,"context_line":"                if deletion_lock:"},{"line_number":496,"context_line":"                    self.resource_locks_api.delete("},{"line_number":497,"context_line":"                        context, deletion_lock[\u0027id\u0027])"},{"line_number":498,"context_line":"                raise_lock_failed(access, constants.RESOURCE_ACTION_SHOW)"},{"line_number":499,"context_line":""},{"line_number":500,"context_line":"    @wsgi.Controller.authorize(\u0027allow_access\u0027)"},{"line_number":501,"context_line":"    def _allow_access(self, req, id, body, enable_ceph\u003dFalse,"}],"source_content_type":"text/x-python","patch_set":16,"id":"8e13975a_b27cbe0a","line":498,"range":{"start_line":492,"start_character":12,"end_line":498,"end_character":73},"in_reply_to":"586026ca_67974ad3","updated":"2023-08-18 14:38:40.000000000","message":"Done","commit_id":"93dc6daba6486b7c8da8be9aab8a2d08b1b5e5f3"},{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"d3284491307594adc91d941509ba7d941b4d8c11","unresolved":true,"context_lines":[{"line_number":598,"context_line":"            raise exc.HTTPForbidden(explanation\u003dmsg)"},{"line_number":599,"context_line":""},{"line_number":600,"context_line":"        # only one delete lock should be placed"},{"line_number":601,"context_line":"        if locks_count \u003c 3 and unrestrict:"},{"line_number":602,"context_line":"            locked_actions \u003d []"},{"line_number":603,"context_line":""},{"line_number":604,"context_line":"            for lock in locks:"}],"source_content_type":"text/x-python","patch_set":18,"id":"2cbd5425_c0465466","line":601,"range":{"start_line":601,"start_character":8,"end_line":601,"end_character":42},"updated":"2023-08-21 22:36:57.000000000","message":"maybe this logic should be:\n\n- go through list of locks for \"delete\" locks, separate them into two groups:\n - locks you can remove\n - locks you can\u0027t remove\n \n \n then:\n \n- if there are any locks you cannot remove, don\u0027t delete anything, bail out by raising an exception\n\n\n later:\n\n- don\u0027t remove any locks from the DB in the API layer. just do this when the rule deletion happens from the share manager\n\n\nso that, if something goes wrong, locks are still preserved..","commit_id":"7d2c0a3d39debfa9822baa28f135b43ba6ff4276"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"ee7cea4c23440980cf8e39983610165ee537e314","unresolved":false,"context_lines":[{"line_number":598,"context_line":"            raise exc.HTTPForbidden(explanation\u003dmsg)"},{"line_number":599,"context_line":""},{"line_number":600,"context_line":"        # only one delete lock should be placed"},{"line_number":601,"context_line":"        if locks_count \u003c 3 and unrestrict:"},{"line_number":602,"context_line":"            locked_actions \u003d []"},{"line_number":603,"context_line":""},{"line_number":604,"context_line":"            for lock in locks:"}],"source_content_type":"text/x-python","patch_set":18,"id":"430a3d33_cca803a5","line":601,"range":{"start_line":601,"start_character":8,"end_line":601,"end_character":42},"in_reply_to":"2cbd5425_c0465466","updated":"2023-08-23 15:13:47.000000000","message":"This makes sense and will make the code more clean. Thanks!","commit_id":"7d2c0a3d39debfa9822baa28f135b43ba6ff4276"},{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"300dc9102fe2eca87c1e17f4e443995dba9d9221","unresolved":true,"context_lines":[{"line_number":593,"context_line":""},{"line_number":594,"context_line":"        def raise_rule_is_locked(share_id):"},{"line_number":595,"context_line":"            msg \u003d _("},{"line_number":596,"context_line":"                \"Cannot deny access for share \u0027%s\u0027 since it has been \""},{"line_number":597,"context_line":"                \"locked. Please remove the locks and retry the \""},{"line_number":598,"context_line":"                \"operation\") % share_id"},{"line_number":599,"context_line":"            raise exc.HTTPForbidden(explanation\u003dmsg)"},{"line_number":600,"context_line":""},{"line_number":601,"context_line":"        if locks_count and not unrestrict:"}],"source_content_type":"text/x-python","patch_set":20,"id":"5666d235_4596903c","line":598,"range":{"start_line":596,"start_character":16,"end_line":598,"end_character":27},"updated":"2023-08-23 23:20:18.000000000","message":"When \"unrestrict\" is set to true, this error message isn\u0027t appropriate/complete; \n\nmaybe use a different message when \"unrestrict\" is set:\n\n\n \"Unable to drop access rule restrictions that are not placed by you.\"","commit_id":"8f77d88da8c91a1b5f39da7a621152b3b7e98492"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"288b0913878f3112b5d37231e4ce9d8b2b8a1454","unresolved":false,"context_lines":[{"line_number":593,"context_line":""},{"line_number":594,"context_line":"        def raise_rule_is_locked(share_id):"},{"line_number":595,"context_line":"            msg \u003d _("},{"line_number":596,"context_line":"                \"Cannot deny access for share \u0027%s\u0027 since it has been \""},{"line_number":597,"context_line":"                \"locked. Please remove the locks and retry the \""},{"line_number":598,"context_line":"                \"operation\") % share_id"},{"line_number":599,"context_line":"            raise exc.HTTPForbidden(explanation\u003dmsg)"},{"line_number":600,"context_line":""},{"line_number":601,"context_line":"        if locks_count and not unrestrict:"}],"source_content_type":"text/x-python","patch_set":20,"id":"837363c2_9588b3fe","line":598,"range":{"start_line":596,"start_character":16,"end_line":598,"end_character":27},"in_reply_to":"5666d235_4596903c","updated":"2023-08-24 17:55:19.000000000","message":"Done","commit_id":"8f77d88da8c91a1b5f39da7a621152b3b7e98492"}],"manila/api/v2/resource_locks.py":[{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"d3284491307594adc91d941509ba7d941b4d8c11","unresolved":true,"context_lines":[{"line_number":59,"context_line":"        if len(lock_reason) \u003e 1023:"},{"line_number":60,"context_line":"            msg \u003d _(\"\u0027lock_reason\u0027 can contain a maximum of 1023 characters.\")"},{"line_number":61,"context_line":"            raise webob.exc.HTTPBadRequest(explanation\u003dmsg)"},{"line_number":62,"context_line":"        if resource_action not in constants.RESOURCE_LOCK_RESOURCE_ACTIONS:"},{"line_number":63,"context_line":"            msg \u003d _(\"\u0027resource_action\u0027 can only be one of %(actions)s\" %"},{"line_number":64,"context_line":"                    {\u0027actions\u0027: constants.RESOURCE_LOCK_RESOURCE_ACTIONS})"},{"line_number":65,"context_line":"            raise webob.exc.HTTPBadRequest(explanation\u003dmsg)"},{"line_number":66,"context_line":""},{"line_number":67,"context_line":"        if for_update:"}],"source_content_type":"text/x-python","patch_set":18,"id":"8611265b_81d07cdd","line":64,"range":{"start_line":62,"start_character":0,"end_line":64,"end_character":74},"updated":"2023-08-21 22:36:57.000000000","message":"i think this needs to be improved now that we\u0027re adding more actions... we need to validate that the resource_action specified is allowed for the resource type specified..","commit_id":"7d2c0a3d39debfa9822baa28f135b43ba6ff4276"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"ee7cea4c23440980cf8e39983610165ee537e314","unresolved":false,"context_lines":[{"line_number":59,"context_line":"        if len(lock_reason) \u003e 1023:"},{"line_number":60,"context_line":"            msg \u003d _(\"\u0027lock_reason\u0027 can contain a maximum of 1023 characters.\")"},{"line_number":61,"context_line":"            raise webob.exc.HTTPBadRequest(explanation\u003dmsg)"},{"line_number":62,"context_line":"        if resource_action not in constants.RESOURCE_LOCK_RESOURCE_ACTIONS:"},{"line_number":63,"context_line":"            msg \u003d _(\"\u0027resource_action\u0027 can only be one of %(actions)s\" %"},{"line_number":64,"context_line":"                    {\u0027actions\u0027: constants.RESOURCE_LOCK_RESOURCE_ACTIONS})"},{"line_number":65,"context_line":"            raise webob.exc.HTTPBadRequest(explanation\u003dmsg)"},{"line_number":66,"context_line":""},{"line_number":67,"context_line":"        if for_update:"}],"source_content_type":"text/x-python","patch_set":18,"id":"1bfb751f_936899e0","line":64,"range":{"start_line":62,"start_character":0,"end_line":64,"end_character":74},"in_reply_to":"8611265b_81d07cdd","updated":"2023-08-23 15:13:47.000000000","message":"Done","commit_id":"7d2c0a3d39debfa9822baa28f135b43ba6ff4276"},{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"300dc9102fe2eca87c1e17f4e443995dba9d9221","unresolved":true,"context_lines":[{"line_number":52,"context_line":"        lock_data \u003d body[\u0027resource_lock\u0027]"},{"line_number":53,"context_line":"        resource_id \u003d lock_data.get(\u0027resource_id\u0027) or \u0027\u0027"},{"line_number":54,"context_line":"        resource_type \u003d (lock_data.get(\u0027resource_type\u0027)"},{"line_number":55,"context_line":"                         or constants.SHARE_RESOURCE_TYPE)"},{"line_number":56,"context_line":"        resource_action \u003d (lock_data.get(\u0027resource_action\u0027) or"},{"line_number":57,"context_line":"                           constants.RESOURCE_ACTION_DELETE)"},{"line_number":58,"context_line":"        lock_reason \u003d lock_data.get(\u0027lock_reason\u0027) or \u0027\u0027"}],"source_content_type":"text/x-python","patch_set":20,"id":"0342fb91_3c8c0168","line":55,"range":{"start_line":55,"start_character":57,"end_line":55,"end_character":58},"updated":"2023-08-23 23:20:18.000000000","message":"i now feel the validation below doesn\u0027t cover corner cases.. \n\nWe want to validate that \"resource_type\" is valid for \"create\" operation; for \"update\", we need to look at the lock to get the \"resource_type\". We default to share; we\u0027ll be performing the wrong comparison during the \"update\" call. \n\n\nto solve this, maybe we should add an update-specific check in the lock/api.py module\u0027s update() method. I\u0027m seeking this because this _check_body call occurs before we have the lock info from the database. Alternatively, you can push _check_body into the resource_locks_api.update() call and set body[\u0027resource_lock\u0027][\u0027resource_type\u0027] prior to making this call..\n\n\n\n```\ndef _check_body(self, body, for_update\u003dFalse):\n        if \u0027resource_lock\u0027 not in body:\n            raise exc.HTTPBadRequest(\n                explanation\u003d\"Malformed request body.\")\n                \n        lock_data \u003d body[\u0027resource_lock\u0027]\n        resource_id \u003d lock_data.get(\u0027resource_id\u0027) or \u0027\u0027\n        resource_type \u003d lock_data.get(\u0027resource_type\u0027) or \u0027\u0027\n        resource_action \u003d (lock_data.get(\u0027resource_action\u0027) or\n                           constants.RESOURCE_ACTION_DELETE)\n        lock_reason \u003d lock_data.get(\u0027lock_reason\u0027) or \u0027\u0027\n\n        if for_update:\n            if set(lock_data.keys()) - {\u0027resource_action\u0027, \u0027lock_reason\u0027}:\n                msg \u003d _(\"Only \u0027resource_action\u0027 and \u0027lock_reason\u0027 \"\n                        \"can be updated.\")\n                raise exc.HTTPBadRequest(explanation\u003dmsg)\n        else:\n        \n            if not uuidutils.is_uuid_like(resource_id):\n                msg \u003d _(\"Resource ID is required and must be in uuid format.\")\n                raise exc.HTTPBadRequest(explanation\u003dmsg)\n            if resource_type not in constants.RESOURCE_LOCK_RESOURCE_TYPES:\n            msg \u003d _(\"\u0027resource_type\u0027 is required and must be one \"\n                    \"of %(resource_types)s\") % {\n                \u0027resource_types\u0027: constants.RESOURCE_LOCK_RESOURCE_TYPES\n            }\n            raise exc.HTTPBadRequest(explanation\u003dmsg)\n            \n        if len(lock_reason) \u003e 1023:\n            msg \u003d _(\"\u0027lock_reason\u0027 can contain a maximum of 1023 characters.\")\n            raise exc.HTTPBadRequest(explanation\u003dmsg)\n        \n        resource_type_lock_actions \u003d (\n            constants.RESOURCE_LOCK_ACTIONS_MAPPING[resource_type])\n        if resource_action not in resource_type_lock_actions:\n            msg \u003d _(\"\u0027resource_action\u0027 can only be one of %(actions)s\" %\n                    {\u0027actions\u0027: resource_type_lock_actions})\n            raise exc.HTTPBadRequest(explanation\u003dmsg)\n                         \n```","commit_id":"8f77d88da8c91a1b5f39da7a621152b3b7e98492"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"288b0913878f3112b5d37231e4ce9d8b2b8a1454","unresolved":false,"context_lines":[{"line_number":52,"context_line":"        lock_data \u003d body[\u0027resource_lock\u0027]"},{"line_number":53,"context_line":"        resource_id \u003d lock_data.get(\u0027resource_id\u0027) or \u0027\u0027"},{"line_number":54,"context_line":"        resource_type \u003d (lock_data.get(\u0027resource_type\u0027)"},{"line_number":55,"context_line":"                         or constants.SHARE_RESOURCE_TYPE)"},{"line_number":56,"context_line":"        resource_action \u003d (lock_data.get(\u0027resource_action\u0027) or"},{"line_number":57,"context_line":"                           constants.RESOURCE_ACTION_DELETE)"},{"line_number":58,"context_line":"        lock_reason \u003d lock_data.get(\u0027lock_reason\u0027) or \u0027\u0027"}],"source_content_type":"text/x-python","patch_set":20,"id":"6256ecef_5bf1f381","line":55,"range":{"start_line":55,"start_character":57,"end_line":55,"end_character":58},"in_reply_to":"0342fb91_3c8c0168","updated":"2023-08-24 17:55:19.000000000","message":"\u003e I\u0027m seeking this because this _check_body call occurs before we have the lock info from the database. \n\nI believe there should be no harm to do this get before call check_body, and send the resource lock itself to the check body instead of only the update flag. Gave it a try, please take a look","commit_id":"8f77d88da8c91a1b5f39da7a621152b3b7e98492"},{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"300dc9102fe2eca87c1e17f4e443995dba9d9221","unresolved":true,"context_lines":[{"line_number":160,"context_line":"            resource_lock \u003d self.resource_locks_api.create("},{"line_number":161,"context_line":"                context,"},{"line_number":162,"context_line":"                resource_id\u003dlock_data[\u0027resource_id\u0027],"},{"line_number":163,"context_line":"                resource_type\u003dlock_data[\u0027resource_type\u0027],"},{"line_number":164,"context_line":"                resource_action\u003d(lock_data.get(\u0027resource_action\u0027) or"},{"line_number":165,"context_line":"                                 constants.RESOURCE_ACTION_DELETE),"},{"line_number":166,"context_line":"                lock_reason\u003dlock_data.get(\u0027lock_reason\u0027)"}],"source_content_type":"text/x-python","patch_set":20,"id":"8c6b0651_73ad924a","line":163,"range":{"start_line":163,"start_character":16,"end_line":163,"end_character":57},"updated":"2023-08-23 23:20:18.000000000","message":"this might blow up.. see comment above","commit_id":"8f77d88da8c91a1b5f39da7a621152b3b7e98492"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"288b0913878f3112b5d37231e4ce9d8b2b8a1454","unresolved":false,"context_lines":[{"line_number":160,"context_line":"            resource_lock \u003d self.resource_locks_api.create("},{"line_number":161,"context_line":"                context,"},{"line_number":162,"context_line":"                resource_id\u003dlock_data[\u0027resource_id\u0027],"},{"line_number":163,"context_line":"                resource_type\u003dlock_data[\u0027resource_type\u0027],"},{"line_number":164,"context_line":"                resource_action\u003d(lock_data.get(\u0027resource_action\u0027) or"},{"line_number":165,"context_line":"                                 constants.RESOURCE_ACTION_DELETE),"},{"line_number":166,"context_line":"                lock_reason\u003dlock_data.get(\u0027lock_reason\u0027)"}],"source_content_type":"text/x-python","patch_set":20,"id":"6e6aa326_9618e516","line":163,"range":{"start_line":163,"start_character":16,"end_line":163,"end_character":57},"in_reply_to":"8c6b0651_73ad924a","updated":"2023-08-24 17:55:19.000000000","message":"Ack","commit_id":"8f77d88da8c91a1b5f39da7a621152b3b7e98492"}],"manila/api/v2/share_access_metadata.py":[{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"7d4fc3edb046b39a24d9b3a8dd0bfd902fec9161","unresolved":true,"context_lines":[{"line_number":35,"context_line":"    def __init__(self):"},{"line_number":36,"context_line":"        super(ShareAccessMetadataController, self).__init__()"},{"line_number":37,"context_line":"        self.share_api \u003d share.API()"},{"line_number":38,"context_line":"        self.resource_locks_api \u003d resource_locks.API()"},{"line_number":39,"context_line":""},{"line_number":40,"context_line":"    @wsgi.Controller.api_version(\u00272.45\u0027)"},{"line_number":41,"context_line":"    @wsgi.Controller.authorize"}],"source_content_type":"text/x-python","patch_set":13,"id":"a2a836d6_7b498dfd","line":38,"updated":"2023-08-01 23:46:59.000000000","message":"is this needed here?","commit_id":"73ec6aae514208bd99cf659bbe48d4022e3be1ea"},{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"d3284491307594adc91d941509ba7d941b4d8c11","unresolved":true,"context_lines":[{"line_number":35,"context_line":"    def __init__(self):"},{"line_number":36,"context_line":"        super(ShareAccessMetadataController, self).__init__()"},{"line_number":37,"context_line":"        self.share_api \u003d share.API()"},{"line_number":38,"context_line":"        self.resource_locks_api \u003d resource_locks.API()"},{"line_number":39,"context_line":""},{"line_number":40,"context_line":"    @wsgi.Controller.api_version(\u00272.45\u0027)"},{"line_number":41,"context_line":"    @wsgi.Controller.authorize"}],"source_content_type":"text/x-python","patch_set":13,"id":"ed6eee76_07c6e6ea","line":38,"in_reply_to":"a2a836d6_7b498dfd","updated":"2023-08-21 22:36:57.000000000","message":"don\u0027t see why, please drop","commit_id":"73ec6aae514208bd99cf659bbe48d4022e3be1ea"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"ee7cea4c23440980cf8e39983610165ee537e314","unresolved":false,"context_lines":[{"line_number":35,"context_line":"    def __init__(self):"},{"line_number":36,"context_line":"        super(ShareAccessMetadataController, self).__init__()"},{"line_number":37,"context_line":"        self.share_api \u003d share.API()"},{"line_number":38,"context_line":"        self.resource_locks_api \u003d resource_locks.API()"},{"line_number":39,"context_line":""},{"line_number":40,"context_line":"    @wsgi.Controller.api_version(\u00272.45\u0027)"},{"line_number":41,"context_line":"    @wsgi.Controller.authorize"}],"source_content_type":"text/x-python","patch_set":13,"id":"1849f38a_713414a5","line":38,"in_reply_to":"ed6eee76_07c6e6ea","updated":"2023-08-23 15:13:47.000000000","message":"Done","commit_id":"73ec6aae514208bd99cf659bbe48d4022e3be1ea"}],"manila/api/v2/share_accesses.py":[{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"7d4fc3edb046b39a24d9b3a8dd0bfd902fec9161","unresolved":true,"context_lines":[{"line_number":49,"context_line":"            share_access[\u0027restricted\u0027] \u003d True"},{"line_number":50,"context_line":"        return self._view_builder.view(req, share_access)"},{"line_number":51,"context_line":""},{"line_number":52,"context_line":"    @wsgi.Controller.api_version(\u00272.45\u0027, \u00272.80\u0027)"},{"line_number":53,"context_line":"    def show(self, req, id):"},{"line_number":54,"context_line":"        return self._show(req, id)"},{"line_number":55,"context_line":""},{"line_number":56,"context_line":"    @wsgi.Controller.api_version(\u00272.81\u0027)"},{"line_number":57,"context_line":"    def show(self, req, id): # pylint: disable\u003dfunction-redefined  # noqa F811"},{"line_number":58,"context_line":"        \"\"\"Return data about the given share access rule.\"\"\""},{"line_number":59,"context_line":"        context \u003d req.environ[\u0027manila.context\u0027]"}],"source_content_type":"text/x-python","patch_set":13,"id":"dc10c620_907ffd28","line":56,"range":{"start_line":52,"start_character":4,"end_line":56,"end_character":40},"updated":"2023-08-01 23:46:59.000000000","message":"restricting the visibility of the access rule shouldn\u0027t be versioned.. i.e., you shouldn\u0027t allow someone to see access rule data by using an older API microversion","commit_id":"73ec6aae514208bd99cf659bbe48d4022e3be1ea"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"f7d5dbbdccbe8583ca82bd57b3796f844b7e73dd","unresolved":false,"context_lines":[{"line_number":49,"context_line":"            share_access[\u0027restricted\u0027] \u003d True"},{"line_number":50,"context_line":"        return self._view_builder.view(req, share_access)"},{"line_number":51,"context_line":""},{"line_number":52,"context_line":"    @wsgi.Controller.api_version(\u00272.45\u0027, \u00272.80\u0027)"},{"line_number":53,"context_line":"    def show(self, req, id):"},{"line_number":54,"context_line":"        return self._show(req, id)"},{"line_number":55,"context_line":""},{"line_number":56,"context_line":"    @wsgi.Controller.api_version(\u00272.81\u0027)"},{"line_number":57,"context_line":"    def show(self, req, id): # pylint: disable\u003dfunction-redefined  # noqa F811"},{"line_number":58,"context_line":"        \"\"\"Return data about the given share access rule.\"\"\""},{"line_number":59,"context_line":"        context \u003d req.environ[\u0027manila.context\u0027]"}],"source_content_type":"text/x-python","patch_set":13,"id":"f041e92b_25406b3e","line":56,"range":{"start_line":52,"start_character":4,"end_line":56,"end_character":40},"in_reply_to":"dc10c620_907ffd28","updated":"2023-08-03 15:15:36.000000000","message":"Done","commit_id":"73ec6aae514208bd99cf659bbe48d4022e3be1ea"},{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"7d4fc3edb046b39a24d9b3a8dd0bfd902fec9161","unresolved":true,"context_lines":[{"line_number":61,"context_line":"        return self._show(req, id, restricted\u003drestricted)"},{"line_number":62,"context_line":""},{"line_number":63,"context_line":"    def _is_rule_restricted(self, context, id):"},{"line_number":64,"context_line":"        search_opts \u003d {"},{"line_number":65,"context_line":"            \u0027resource_id\u0027: id,"},{"line_number":66,"context_line":"            \u0027resource_action\u0027: constants.RESOURCE_ACTION_SHOW"},{"line_number":67,"context_line":"        }"},{"line_number":68,"context_line":"        locks, count \u003d self.resource_locks_api.get_all(context, search_opts)"},{"line_number":69,"context_line":"        locks_visibility \u003d []"},{"line_number":70,"context_line":"        for lock in locks:"},{"line_number":71,"context_line":"            is_visibility_restricted \u003d ("}],"source_content_type":"text/x-python","patch_set":13,"id":"265eb4d3_d9d9790f","line":68,"range":{"start_line":64,"start_character":8,"end_line":68,"end_character":76},"updated":"2023-08-01 23:46:59.000000000","message":"i\u0027d suggest including the \"resource_type\" in the filtering as well, defensively..","commit_id":"73ec6aae514208bd99cf659bbe48d4022e3be1ea"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"f7d5dbbdccbe8583ca82bd57b3796f844b7e73dd","unresolved":false,"context_lines":[{"line_number":61,"context_line":"        return self._show(req, id, restricted\u003drestricted)"},{"line_number":62,"context_line":""},{"line_number":63,"context_line":"    def _is_rule_restricted(self, context, id):"},{"line_number":64,"context_line":"        search_opts \u003d {"},{"line_number":65,"context_line":"            \u0027resource_id\u0027: id,"},{"line_number":66,"context_line":"            \u0027resource_action\u0027: constants.RESOURCE_ACTION_SHOW"},{"line_number":67,"context_line":"        }"},{"line_number":68,"context_line":"        locks, count \u003d self.resource_locks_api.get_all(context, search_opts)"},{"line_number":69,"context_line":"        locks_visibility \u003d []"},{"line_number":70,"context_line":"        for lock in locks:"},{"line_number":71,"context_line":"            is_visibility_restricted \u003d ("}],"source_content_type":"text/x-python","patch_set":13,"id":"b8f7ef60_b3f26ce7","line":68,"range":{"start_line":64,"start_character":8,"end_line":68,"end_character":76},"in_reply_to":"265eb4d3_d9d9790f","updated":"2023-08-03 15:15:36.000000000","message":"Done","commit_id":"73ec6aae514208bd99cf659bbe48d4022e3be1ea"},{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"7d4fc3edb046b39a24d9b3a8dd0bfd902fec9161","unresolved":true,"context_lines":[{"line_number":103,"context_line":"            context, share, search_opts)"},{"line_number":104,"context_line":"        return access_rules"},{"line_number":105,"context_line":""},{"line_number":106,"context_line":"    @wsgi.Controller.api_version(\u00272.45\u0027, \u00272.80\u0027)"},{"line_number":107,"context_line":"    def index(self, req):"},{"line_number":108,"context_line":"        \"\"\"Returns the list of access rules for a given share.\"\"\""},{"line_number":109,"context_line":"        access_rules \u003d self._index(req)"},{"line_number":110,"context_line":"        return self._view_builder.list_view(req, access_rules)"},{"line_number":111,"context_line":""},{"line_number":112,"context_line":"    @wsgi.Controller.api_version(\u00272.81\u0027)"},{"line_number":113,"context_line":"    def index(self, req): # pylint: disable\u003dfunction-redefined  # noqa F811"},{"line_number":114,"context_line":"        \"\"\"Returns the list of access rules for a given share.\"\"\""},{"line_number":115,"context_line":"        context \u003d req.environ[\u0027manila.context\u0027]"}],"source_content_type":"text/x-python","patch_set":13,"id":"8827f4ea_db39f785","line":112,"range":{"start_line":106,"start_character":0,"end_line":112,"end_character":40},"updated":"2023-08-01 23:46:59.000000000","message":"same comment as above","commit_id":"73ec6aae514208bd99cf659bbe48d4022e3be1ea"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"f7d5dbbdccbe8583ca82bd57b3796f844b7e73dd","unresolved":false,"context_lines":[{"line_number":103,"context_line":"            context, share, search_opts)"},{"line_number":104,"context_line":"        return access_rules"},{"line_number":105,"context_line":""},{"line_number":106,"context_line":"    @wsgi.Controller.api_version(\u00272.45\u0027, \u00272.80\u0027)"},{"line_number":107,"context_line":"    def index(self, req):"},{"line_number":108,"context_line":"        \"\"\"Returns the list of access rules for a given share.\"\"\""},{"line_number":109,"context_line":"        access_rules \u003d self._index(req)"},{"line_number":110,"context_line":"        return self._view_builder.list_view(req, access_rules)"},{"line_number":111,"context_line":""},{"line_number":112,"context_line":"    @wsgi.Controller.api_version(\u00272.81\u0027)"},{"line_number":113,"context_line":"    def index(self, req): # pylint: disable\u003dfunction-redefined  # noqa F811"},{"line_number":114,"context_line":"        \"\"\"Returns the list of access rules for a given share.\"\"\""},{"line_number":115,"context_line":"        context \u003d req.environ[\u0027manila.context\u0027]"}],"source_content_type":"text/x-python","patch_set":13,"id":"dc9df45b_e3f1f8eb","line":112,"range":{"start_line":106,"start_character":0,"end_line":112,"end_character":40},"in_reply_to":"8827f4ea_db39f785","updated":"2023-08-03 15:15:36.000000000","message":"Done","commit_id":"73ec6aae514208bd99cf659bbe48d4022e3be1ea"},{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"d3284491307594adc91d941509ba7d941b4d8c11","unresolved":true,"context_lines":[{"line_number":54,"context_line":"    @wsgi.Controller.api_version(\u00272.45\u0027)"},{"line_number":55,"context_line":"    @wsgi.Controller.authorize"},{"line_number":56,"context_line":"    def index(self, req):"},{"line_number":57,"context_line":"        \"\"\"Returns the list of access rules for a given share.\"\"\""},{"line_number":58,"context_line":"        context \u003d req.environ[\u0027manila.context\u0027]"},{"line_number":59,"context_line":"        search_opts \u003d {}"},{"line_number":60,"context_line":"        search_opts.update(req.GET)"}],"source_content_type":"text/x-python","patch_set":18,"id":"c60b41f0_47f022a2","side":"PARENT","line":57,"updated":"2023-08-21 22:36:57.000000000","message":"please restore this doc string","commit_id":"090c2f73c4393083a4a71e39314625ea592b0e0a"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"ee7cea4c23440980cf8e39983610165ee537e314","unresolved":false,"context_lines":[{"line_number":54,"context_line":"    @wsgi.Controller.api_version(\u00272.45\u0027)"},{"line_number":55,"context_line":"    @wsgi.Controller.authorize"},{"line_number":56,"context_line":"    def index(self, req):"},{"line_number":57,"context_line":"        \"\"\"Returns the list of access rules for a given share.\"\"\""},{"line_number":58,"context_line":"        context \u003d req.environ[\u0027manila.context\u0027]"},{"line_number":59,"context_line":"        search_opts \u003d {}"},{"line_number":60,"context_line":"        search_opts.update(req.GET)"}],"source_content_type":"text/x-python","patch_set":18,"id":"3b507031_e2e5804a","side":"PARENT","line":57,"in_reply_to":"c60b41f0_47f022a2","updated":"2023-08-23 15:13:47.000000000","message":"oops... Done","commit_id":"090c2f73c4393083a4a71e39314625ea592b0e0a"},{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"d3284491307594adc91d941509ba7d941b4d8c11","unresolved":true,"context_lines":[{"line_number":47,"context_line":"        share_access \u003d self._get_share_access(context, id)"},{"line_number":48,"context_line":"        restricted \u003d self._is_rule_restricted(context, id)"},{"line_number":49,"context_line":"        if restricted:"},{"line_number":50,"context_line":"            share_access \u003d dict(share_access)"},{"line_number":51,"context_line":"            share_access[\u0027restricted\u0027] \u003d True"},{"line_number":52,"context_line":"        return self._view_builder.view(req, share_access)"},{"line_number":53,"context_line":""},{"line_number":54,"context_line":"    def _is_rule_restricted(self, context, id):"}],"source_content_type":"text/x-python","patch_set":18,"id":"b1701a9f_640d7823","line":51,"range":{"start_line":50,"start_character":12,"end_line":51,"end_character":45},"updated":"2023-08-21 22:36:57.000000000","message":"why dictify? did setting this fail without the dict conversion?","commit_id":"7d2c0a3d39debfa9822baa28f135b43ba6ff4276"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"ee7cea4c23440980cf8e39983610165ee537e314","unresolved":false,"context_lines":[{"line_number":47,"context_line":"        share_access \u003d self._get_share_access(context, id)"},{"line_number":48,"context_line":"        restricted \u003d self._is_rule_restricted(context, id)"},{"line_number":49,"context_line":"        if restricted:"},{"line_number":50,"context_line":"            share_access \u003d dict(share_access)"},{"line_number":51,"context_line":"            share_access[\u0027restricted\u0027] \u003d True"},{"line_number":52,"context_line":"        return self._view_builder.view(req, share_access)"},{"line_number":53,"context_line":""},{"line_number":54,"context_line":"    def _is_rule_restricted(self, context, id):"}],"source_content_type":"text/x-python","patch_set":18,"id":"ee276d7e_2fd2829c","line":51,"range":{"start_line":50,"start_character":12,"end_line":51,"end_character":45},"in_reply_to":"b1701a9f_640d7823","updated":"2023-08-23 15:13:47.000000000","message":"I believe at some point it did, but something might have changed in the past... removing this for now","commit_id":"7d2c0a3d39debfa9822baa28f135b43ba6ff4276"},{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"d3284491307594adc91d941509ba7d941b4d8c11","unresolved":true,"context_lines":[{"line_number":59,"context_line":"        }"},{"line_number":60,"context_line":"        locks, count \u003d self.resource_locks_api.get_all(context, search_opts)"},{"line_number":61,"context_line":"        locks_visibility \u003d []"},{"line_number":62,"context_line":"        for lock in locks:"},{"line_number":63,"context_line":"            is_visibility_restricted \u003d ("},{"line_number":64,"context_line":"                self.resource_locks_api.access_is_restricted(context, lock))"},{"line_number":65,"context_line":"            locks_visibility.append(is_visibility_restricted)"},{"line_number":66,"context_line":"        restricted \u003d any(locks_visibility)"},{"line_number":67,"context_line":"        return restricted"},{"line_number":68,"context_line":""},{"line_number":69,"context_line":"    def _get_share_access(self, context, share_access_id):"},{"line_number":70,"context_line":"        try:"}],"source_content_type":"text/x-python","patch_set":18,"id":"ff1bd429_df26c401","line":67,"range":{"start_line":62,"start_character":8,"end_line":67,"end_character":25},"updated":"2023-08-21 22:36:57.000000000","message":"since we\u0027ll only ever have one:\n\n```\n if count:\n    return self.resource_locks_api.access_is_restricted(context, locks[0]))\n```","commit_id":"7d2c0a3d39debfa9822baa28f135b43ba6ff4276"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"ee7cea4c23440980cf8e39983610165ee537e314","unresolved":false,"context_lines":[{"line_number":59,"context_line":"        }"},{"line_number":60,"context_line":"        locks, count \u003d self.resource_locks_api.get_all(context, search_opts)"},{"line_number":61,"context_line":"        locks_visibility \u003d []"},{"line_number":62,"context_line":"        for lock in locks:"},{"line_number":63,"context_line":"            is_visibility_restricted \u003d ("},{"line_number":64,"context_line":"                self.resource_locks_api.access_is_restricted(context, lock))"},{"line_number":65,"context_line":"            locks_visibility.append(is_visibility_restricted)"},{"line_number":66,"context_line":"        restricted \u003d any(locks_visibility)"},{"line_number":67,"context_line":"        return restricted"},{"line_number":68,"context_line":""},{"line_number":69,"context_line":"    def _get_share_access(self, context, share_access_id):"},{"line_number":70,"context_line":"        try:"}],"source_content_type":"text/x-python","patch_set":18,"id":"07d6752b_8b7264e5","line":67,"range":{"start_line":62,"start_character":8,"end_line":67,"end_character":25},"in_reply_to":"ff1bd429_df26c401","updated":"2023-08-23 15:13:47.000000000","message":"Done","commit_id":"7d2c0a3d39debfa9822baa28f135b43ba6ff4276"},{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"300dc9102fe2eca87c1e17f4e443995dba9d9221","unresolved":true,"context_lines":[{"line_number":73,"context_line":""},{"line_number":74,"context_line":"    def _validate_search_opts(self, search_opts):"},{"line_number":75,"context_line":"        \"\"\"Check if search opts parameters are valid.\"\"\""},{"line_number":76,"context_line":"        access_level \u003d search_opts.get(\u0027access_level\u0027)"},{"line_number":77,"context_line":"        if access_level not in constants.ACCESS_LEVELS + (None,):"},{"line_number":78,"context_line":"            msg \u003d _(\"Invalid share access level: %s.\") % access_level"},{"line_number":79,"context_line":"            raise exception.InvalidShareAccess(reason\u003dmsg)"},{"line_number":80,"context_line":""}],"source_content_type":"text/x-python","patch_set":20,"id":"3b629ccc_aaa0e442","line":77,"range":{"start_line":76,"start_character":7,"end_line":77,"end_character":65},"updated":"2023-08-23 23:20:18.000000000","message":"this doesn\u0027t validate if the caller deliberately sets access_level\u003dNone \n\n```\nif (\u0027access_level\u0027 in search_opts \n    and search_opts[\u0027access_level\u0027] not in constants.ACCESS_LEVELS):\n    msg \u003d _(\"Invalid share access level: %s.\") % access_level\n           raise exception.InvalidShareAccess(reason\u003dmsg)\n```\n\n\n\nalso, why only \"access_level\"; we\u0027re adding other filters too at this version? https://review.opendev.org/c/openstack/manila/+/887725/20/manila/db/sqlalchemy/api.py#2953","commit_id":"8f77d88da8c91a1b5f39da7a621152b3b7e98492"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"288b0913878f3112b5d37231e4ce9d8b2b8a1454","unresolved":false,"context_lines":[{"line_number":73,"context_line":""},{"line_number":74,"context_line":"    def _validate_search_opts(self, search_opts):"},{"line_number":75,"context_line":"        \"\"\"Check if search opts parameters are valid.\"\"\""},{"line_number":76,"context_line":"        access_level \u003d search_opts.get(\u0027access_level\u0027)"},{"line_number":77,"context_line":"        if access_level not in constants.ACCESS_LEVELS + (None,):"},{"line_number":78,"context_line":"            msg \u003d _(\"Invalid share access level: %s.\") % access_level"},{"line_number":79,"context_line":"            raise exception.InvalidShareAccess(reason\u003dmsg)"},{"line_number":80,"context_line":""}],"source_content_type":"text/x-python","patch_set":20,"id":"797bade2_3e14bc18","line":77,"range":{"start_line":76,"start_character":7,"end_line":77,"end_character":65},"in_reply_to":"3b629ccc_aaa0e442","updated":"2023-08-24 17:55:19.000000000","message":"Ack\nI was not much of other validations but was a mistake on my end. Am also validating access_to and access_type now","commit_id":"8f77d88da8c91a1b5f39da7a621152b3b7e98492"},{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"300dc9102fe2eca87c1e17f4e443995dba9d9221","unresolved":true,"context_lines":[{"line_number":75,"context_line":"        \"\"\"Check if search opts parameters are valid.\"\"\""},{"line_number":76,"context_line":"        access_level \u003d search_opts.get(\u0027access_level\u0027)"},{"line_number":77,"context_line":"        if access_level not in constants.ACCESS_LEVELS + (None,):"},{"line_number":78,"context_line":"            msg \u003d _(\"Invalid share access level: %s.\") % access_level"},{"line_number":79,"context_line":"            raise exception.InvalidShareAccess(reason\u003dmsg)"},{"line_number":80,"context_line":""},{"line_number":81,"context_line":"    @wsgi.Controller.authorize(\u0027index\u0027)"}],"source_content_type":"text/x-python","patch_set":20,"id":"3a909d6c_81c75ffc","line":78,"range":{"start_line":78,"start_character":11,"end_line":78,"end_character":69},"updated":"2023-08-23 23:20:18.000000000","message":"there\u0027s already a specific exception for this:","commit_id":"8f77d88da8c91a1b5f39da7a621152b3b7e98492"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"288b0913878f3112b5d37231e4ce9d8b2b8a1454","unresolved":false,"context_lines":[{"line_number":75,"context_line":"        \"\"\"Check if search opts parameters are valid.\"\"\""},{"line_number":76,"context_line":"        access_level \u003d search_opts.get(\u0027access_level\u0027)"},{"line_number":77,"context_line":"        if access_level not in constants.ACCESS_LEVELS + (None,):"},{"line_number":78,"context_line":"            msg \u003d _(\"Invalid share access level: %s.\") % access_level"},{"line_number":79,"context_line":"            raise exception.InvalidShareAccess(reason\u003dmsg)"},{"line_number":80,"context_line":""},{"line_number":81,"context_line":"    @wsgi.Controller.authorize(\u0027index\u0027)"}],"source_content_type":"text/x-python","patch_set":20,"id":"f23b3adc_33a288b9","line":78,"range":{"start_line":78,"start_character":11,"end_line":78,"end_character":69},"in_reply_to":"3a909d6c_81c75ffc","updated":"2023-08-24 17:55:19.000000000","message":"Done","commit_id":"8f77d88da8c91a1b5f39da7a621152b3b7e98492"},{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"300dc9102fe2eca87c1e17f4e443995dba9d9221","unresolved":true,"context_lines":[{"line_number":76,"context_line":"        access_level \u003d search_opts.get(\u0027access_level\u0027)"},{"line_number":77,"context_line":"        if access_level not in constants.ACCESS_LEVELS + (None,):"},{"line_number":78,"context_line":"            msg \u003d _(\"Invalid share access level: %s.\") % access_level"},{"line_number":79,"context_line":"            raise exception.InvalidShareAccess(reason\u003dmsg)"},{"line_number":80,"context_line":""},{"line_number":81,"context_line":"    @wsgi.Controller.authorize(\u0027index\u0027)"},{"line_number":82,"context_line":"    def _index(self, req, support_for_access_filters\u003dFalse):"}],"source_content_type":"text/x-python","patch_set":20,"id":"dcb3fab2_76681e9f","line":79,"range":{"start_line":79,"start_character":28,"end_line":79,"end_character":46},"updated":"2023-08-23 23:20:18.000000000","message":"InvalidShareAccessLevel(level\u003daccess_level)","commit_id":"8f77d88da8c91a1b5f39da7a621152b3b7e98492"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"288b0913878f3112b5d37231e4ce9d8b2b8a1454","unresolved":false,"context_lines":[{"line_number":76,"context_line":"        access_level \u003d search_opts.get(\u0027access_level\u0027)"},{"line_number":77,"context_line":"        if access_level not in constants.ACCESS_LEVELS + (None,):"},{"line_number":78,"context_line":"            msg \u003d _(\"Invalid share access level: %s.\") % access_level"},{"line_number":79,"context_line":"            raise exception.InvalidShareAccess(reason\u003dmsg)"},{"line_number":80,"context_line":""},{"line_number":81,"context_line":"    @wsgi.Controller.authorize(\u0027index\u0027)"},{"line_number":82,"context_line":"    def _index(self, req, support_for_access_filters\u003dFalse):"}],"source_content_type":"text/x-python","patch_set":20,"id":"d1b7e524_9170ba59","line":79,"range":{"start_line":79,"start_character":28,"end_line":79,"end_character":46},"in_reply_to":"dcb3fab2_76681e9f","updated":"2023-08-24 17:55:19.000000000","message":"Done","commit_id":"8f77d88da8c91a1b5f39da7a621152b3b7e98492"},{"author":{"_account_id":30407,"name":"haixin","email":"haixin_haixin@qq.com","username":"haixin"},"change_message_id":"4cc97a6c0c86f2e5e271e1bf53aac3c9e3d206c3","unresolved":true,"context_lines":[{"line_number":93,"context_line":"                                   enable_ceph\u003dTrue,"},{"line_number":94,"context_line":"                                   enable_ipv6\u003dTrue)"},{"line_number":95,"context_line":""},{"line_number":96,"context_line":"        access_level \u003d search_opts.get(\u0027access_level\u0027)"},{"line_number":97,"context_line":"        if (\u0027access_level\u0027 in search_opts and ("},{"line_number":98,"context_line":"                search_opts[\u0027access_level\u0027] not in constants.ACCESS_LEVELS)):"},{"line_number":99,"context_line":"            raise exception.InvalidShareAccessLevel(level\u003daccess_level)"},{"line_number":100,"context_line":""},{"line_number":101,"context_line":"    @wsgi.Controller.authorize(\u0027index\u0027)"}],"source_content_type":"text/x-python","patch_set":21,"id":"9bd51c40_59cf6b3e","line":98,"range":{"start_line":96,"start_character":8,"end_line":98,"end_character":77},"updated":"2023-08-25 07:10:57.000000000","message":"we can write more clear:\n\n    access_level \u003d search_opts.get(\u0027access_level\u0027, None)\n    if access_level and access_level not in constants.ACCESS_LEVELS:\n        raise exception.InvalidShareAccessLevel(level\u003daccess_level)","commit_id":"0f82690dddd9d28e33e1538e09c78a378a1eb9d0"},{"author":{"_account_id":30407,"name":"haixin","email":"haixin_haixin@qq.com","username":"haixin"},"change_message_id":"9b817461b5396cf322a988cbc6a629c232fb8d1e","unresolved":false,"context_lines":[{"line_number":93,"context_line":"                                   enable_ceph\u003dTrue,"},{"line_number":94,"context_line":"                                   enable_ipv6\u003dTrue)"},{"line_number":95,"context_line":""},{"line_number":96,"context_line":"        access_level \u003d search_opts.get(\u0027access_level\u0027)"},{"line_number":97,"context_line":"        if (\u0027access_level\u0027 in search_opts and ("},{"line_number":98,"context_line":"                search_opts[\u0027access_level\u0027] not in constants.ACCESS_LEVELS)):"},{"line_number":99,"context_line":"            raise exception.InvalidShareAccessLevel(level\u003daccess_level)"},{"line_number":100,"context_line":""},{"line_number":101,"context_line":"    @wsgi.Controller.authorize(\u0027index\u0027)"}],"source_content_type":"text/x-python","patch_set":21,"id":"12fff635_87006ac0","line":98,"range":{"start_line":96,"start_character":8,"end_line":98,"end_character":77},"in_reply_to":"2fade607_3b2df8ce","updated":"2023-08-28 01:25:12.000000000","message":"sure","commit_id":"0f82690dddd9d28e33e1538e09c78a378a1eb9d0"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"6525a64e08448f050a9a1a9f7adca6edc6de6d63","unresolved":true,"context_lines":[{"line_number":93,"context_line":"                                   enable_ceph\u003dTrue,"},{"line_number":94,"context_line":"                                   enable_ipv6\u003dTrue)"},{"line_number":95,"context_line":""},{"line_number":96,"context_line":"        access_level \u003d search_opts.get(\u0027access_level\u0027)"},{"line_number":97,"context_line":"        if (\u0027access_level\u0027 in search_opts and ("},{"line_number":98,"context_line":"                search_opts[\u0027access_level\u0027] not in constants.ACCESS_LEVELS)):"},{"line_number":99,"context_line":"            raise exception.InvalidShareAccessLevel(level\u003daccess_level)"},{"line_number":100,"context_line":""},{"line_number":101,"context_line":"    @wsgi.Controller.authorize(\u0027index\u0027)"}],"source_content_type":"text/x-python","patch_set":21,"id":"2fade607_3b2df8ce","line":98,"range":{"start_line":96,"start_character":8,"end_line":98,"end_character":77},"in_reply_to":"9bd51c40_59cf6b3e","updated":"2023-08-25 13:13:32.000000000","message":"totally agree. can I push this in a follow-up change? :)","commit_id":"0f82690dddd9d28e33e1538e09c78a378a1eb9d0"},{"author":{"_account_id":30407,"name":"haixin","email":"haixin_haixin@qq.com","username":"haixin"},"change_message_id":"4cc97a6c0c86f2e5e271e1bf53aac3c9e3d206c3","unresolved":true,"context_lines":[{"line_number":129,"context_line":"        for rule in access_rules:"},{"line_number":130,"context_line":"            restricted \u003d self._is_rule_restricted(context, rule[\u0027id\u0027])"},{"line_number":131,"context_line":"            rule[\u0027restricted\u0027] \u003d restricted"},{"line_number":132,"context_line":"            if ((\u0027access_to\u0027 in search_opts or \u0027access_key\u0027 in search_opts)"},{"line_number":133,"context_line":"                    and restricted):"},{"line_number":134,"context_line":"                continue"},{"line_number":135,"context_line":"            rule_list.append(rule)"},{"line_number":136,"context_line":""}],"source_content_type":"text/x-python","patch_set":21,"id":"b577fc8b_1a422b0b","line":133,"range":{"start_line":132,"start_character":12,"end_line":133,"end_character":36},"updated":"2023-08-25 07:10:57.000000000","message":"why need (\u0027access_to\u0027 in search_opts or \u0027access_key\u0027 in search_opts) ?\nif  user A GET share-access-rules?share_id\u003dxxxxx  means search_opts \u003d {\u0027share_id\u0027: xxxx}\naccess_rules \u003d self.share_api.access_get_all(\n            context, share, search_opts)\naccess_rules return 3 rules. but rule_1 is restricted by userB.\nhere we can not append rule1 to rule_list.\nso i think here should be:\n\n    if restricted:\n        continue","commit_id":"0f82690dddd9d28e33e1538e09c78a378a1eb9d0"},{"author":{"_account_id":30407,"name":"haixin","email":"haixin_haixin@qq.com","username":"haixin"},"change_message_id":"9b817461b5396cf322a988cbc6a629c232fb8d1e","unresolved":false,"context_lines":[{"line_number":129,"context_line":"        for rule in access_rules:"},{"line_number":130,"context_line":"            restricted \u003d self._is_rule_restricted(context, rule[\u0027id\u0027])"},{"line_number":131,"context_line":"            rule[\u0027restricted\u0027] \u003d restricted"},{"line_number":132,"context_line":"            if ((\u0027access_to\u0027 in search_opts or \u0027access_key\u0027 in search_opts)"},{"line_number":133,"context_line":"                    and restricted):"},{"line_number":134,"context_line":"                continue"},{"line_number":135,"context_line":"            rule_list.append(rule)"},{"line_number":136,"context_line":""}],"source_content_type":"text/x-python","patch_set":21,"id":"c0a87a08_a6ca33df","line":133,"range":{"start_line":132,"start_character":12,"end_line":133,"end_character":36},"in_reply_to":"9a3e56ec_f315e7a5","updated":"2023-08-28 01:25:12.000000000","message":"ack, thanks.","commit_id":"0f82690dddd9d28e33e1538e09c78a378a1eb9d0"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"6525a64e08448f050a9a1a9f7adca6edc6de6d63","unresolved":true,"context_lines":[{"line_number":129,"context_line":"        for rule in access_rules:"},{"line_number":130,"context_line":"            restricted \u003d self._is_rule_restricted(context, rule[\u0027id\u0027])"},{"line_number":131,"context_line":"            rule[\u0027restricted\u0027] \u003d restricted"},{"line_number":132,"context_line":"            if ((\u0027access_to\u0027 in search_opts or \u0027access_key\u0027 in search_opts)"},{"line_number":133,"context_line":"                    and restricted):"},{"line_number":134,"context_line":"                continue"},{"line_number":135,"context_line":"            rule_list.append(rule)"},{"line_number":136,"context_line":""}],"source_content_type":"text/x-python","patch_set":21,"id":"9a3e56ec_f315e7a5","line":133,"range":{"start_line":132,"start_character":12,"end_line":133,"end_character":36},"in_reply_to":"b577fc8b_1a422b0b","updated":"2023-08-25 13:13:32.000000000","message":"hey, haixin! What I\u0027m attempting to do here is:\n\nI\u0027m attempting to avoid someone having access to an access rule they shouldn\u0027t have. So let\u0027s think of the following scenario:\n- You list access rules and you know there are two restricted access rules to you, because you can\u0027t see its access_key/access_to content.\n- You try to guess an access_to field, or an access_key and uses the filters from the API to filter it.\n- The API returns 1 access rule from the list, but its content is redacted (the access rule is restricted).\n\nThe API will confirm to you that it exists and you will know that the access rule has the access_to/access_type filter you have used, so that\u0027s why I\u0027m removing it from the list. It could be a security fault.","commit_id":"0f82690dddd9d28e33e1538e09c78a378a1eb9d0"}],"manila/api/v2/shares.py":[{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"7d4fc3edb046b39a24d9b3a8dd0bfd902fec9161","unresolved":true,"context_lines":[{"line_number":499,"context_line":"        kwargs \u003d {}"},{"line_number":500,"context_line":"        if req.api_version_request \u003e\u003d api_version.APIVersionRequest(\"2.74\"):"},{"line_number":501,"context_line":"            kwargs[\u0027allow_on_error_state\u0027] \u003d True"},{"line_number":502,"context_line":"        if req.api_version_request \u003e\u003d api_version.APIVersionRequest(\"2.81\"):"},{"line_number":503,"context_line":"            kwargs[\u0027check_for_locks\u0027] \u003d True"},{"line_number":504,"context_line":"        return self._deny_access(*args, **kwargs)"},{"line_number":505,"context_line":""},{"line_number":506,"context_line":"    @wsgi.Controller.api_version(\u00272.0\u0027, \u00272.6\u0027)"},{"line_number":507,"context_line":"    @wsgi.action(\u0027os-access_list\u0027)"}],"source_content_type":"text/x-python","patch_set":13,"id":"44a9ebcc_57375d24","line":504,"range":{"start_line":502,"start_character":0,"end_line":504,"end_character":0},"updated":"2023-08-01 23:46:59.000000000","message":"restricting the deletion of the access rule shouldn\u0027t be versioned.. i.e., you shouldn\u0027t allow someone to delete access rules by using an older API microversion","commit_id":"73ec6aae514208bd99cf659bbe48d4022e3be1ea"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"f7d5dbbdccbe8583ca82bd57b3796f844b7e73dd","unresolved":false,"context_lines":[{"line_number":499,"context_line":"        kwargs \u003d {}"},{"line_number":500,"context_line":"        if req.api_version_request \u003e\u003d api_version.APIVersionRequest(\"2.74\"):"},{"line_number":501,"context_line":"            kwargs[\u0027allow_on_error_state\u0027] \u003d True"},{"line_number":502,"context_line":"        if req.api_version_request \u003e\u003d api_version.APIVersionRequest(\"2.81\"):"},{"line_number":503,"context_line":"            kwargs[\u0027check_for_locks\u0027] \u003d True"},{"line_number":504,"context_line":"        return self._deny_access(*args, **kwargs)"},{"line_number":505,"context_line":""},{"line_number":506,"context_line":"    @wsgi.Controller.api_version(\u00272.0\u0027, \u00272.6\u0027)"},{"line_number":507,"context_line":"    @wsgi.action(\u0027os-access_list\u0027)"}],"source_content_type":"text/x-python","patch_set":13,"id":"5d36a789_6636a1b9","line":504,"range":{"start_line":502,"start_character":0,"end_line":504,"end_character":0},"in_reply_to":"44a9ebcc_57375d24","updated":"2023-08-03 15:15:36.000000000","message":"Done","commit_id":"73ec6aae514208bd99cf659bbe48d4022e3be1ea"}],"manila/db/sqlalchemy/api.py":[{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"38748b3df68b45bdf661808063fddf9081ecacdc","unresolved":true,"context_lines":[{"line_number":3079,"context_line":"        if not mapping:"},{"line_number":3080,"context_line":"            exception.NotFound()"},{"line_number":3081,"context_line":""},{"line_number":3082,"context_line":"        filters \u003d {"},{"line_number":3083,"context_line":"            \u0027resource_id\u0027: mapping[\u0027access_id\u0027],"},{"line_number":3084,"context_line":"            \u0027all_projects\u0027: True"},{"line_number":3085,"context_line":"        }"},{"line_number":3086,"context_line":"        locks, __ \u003d resource_lock_get_all("},{"line_number":3087,"context_line":"            context.elevated(), filters\u003dfilters"},{"line_number":3088,"context_line":"        )"},{"line_number":3089,"context_line":"        if locks:"},{"line_number":3090,"context_line":"            for lock in locks:"},{"line_number":3091,"context_line":"                resource_lock_delete("},{"line_number":3092,"context_line":"                    context.elevated(), lock[\u0027id\u0027]"},{"line_number":3093,"context_line":"                )"},{"line_number":3094,"context_line":""},{"line_number":3095,"context_line":"        mapping.soft_delete(session, update_status\u003dTrue,"},{"line_number":3096,"context_line":"                            status_field_name\u003d\u0027state\u0027)"}],"source_content_type":"text/x-python","patch_set":21,"id":"089c0b2f_1a56e0c5","line":3093,"range":{"start_line":3082,"start_character":8,"end_line":3093,"end_character":17},"updated":"2023-08-24 18:15:43.000000000","message":"move below the access rule deletion... you could expose rules with visibility locks for a short duration between these calls","commit_id":"0f82690dddd9d28e33e1538e09c78a378a1eb9d0"}],"manila/lock/api.py":[{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"7d4fc3edb046b39a24d9b3a8dd0bfd902fec9161","unresolved":true,"context_lines":[{"line_number":53,"context_line":"                                          \"contact the administrator.\")"},{"line_number":54,"context_line":""},{"line_number":55,"context_line":"    def access_is_restricted(self, context, resource_lock):"},{"line_number":56,"context_line":"        request_context \u003d self._get_lock_context(context)"},{"line_number":57,"context_line":"        different_user_owns_lock \u003d ("},{"line_number":58,"context_line":"            request_context[\u0027user_id\u0027] !\u003d resource_lock[\u0027user_id\u0027])"},{"line_number":59,"context_line":"        return (different_user_owns_lock"},{"line_number":60,"context_line":"                and request_context[\u0027lock_context\u0027] !\u003d \u0027admin\u0027"},{"line_number":61,"context_line":"                and request_context[\u0027lock_context\u0027] !\u003d \u0027service\u0027)"},{"line_number":62,"context_line":""},{"line_number":63,"context_line":"    def get(self, context, lock_id):"},{"line_number":64,"context_line":"        \"\"\"Return resource lock with the specified id.\"\"\""}],"source_content_type":"text/x-python","patch_set":13,"id":"86d9ea02_2e91dbce","line":61,"range":{"start_line":56,"start_character":0,"end_line":61,"end_character":65},"updated":"2023-08-01 23:46:59.000000000","message":"you have to invert this logic; admin locks are restricted to everyone but admins, service locks are restricted to admins and services, while user locks are restricted to the specific user:\n\n```\n locked_by \u003d resource_lock[\u0027lock_context\u0027]\n \n\n if locked_by \u003d\u003d \u0027admin\u0027 and not context.is_admin:\n    return True\n if locked_by \u003d\u003d \u0027service\u0027 and not (context.is_admin or context.is_service):\n    return True\n if locked_by \u003d\u003d \u0027user\u0027 and not context.user_id \u003d\u003d resource_lock[\u0027user_id\u0027]:\n    return True\n \n```","commit_id":"73ec6aae514208bd99cf659bbe48d4022e3be1ea"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"f7d5dbbdccbe8583ca82bd57b3796f844b7e73dd","unresolved":false,"context_lines":[{"line_number":53,"context_line":"                                          \"contact the administrator.\")"},{"line_number":54,"context_line":""},{"line_number":55,"context_line":"    def access_is_restricted(self, context, resource_lock):"},{"line_number":56,"context_line":"        request_context \u003d self._get_lock_context(context)"},{"line_number":57,"context_line":"        different_user_owns_lock \u003d ("},{"line_number":58,"context_line":"            request_context[\u0027user_id\u0027] !\u003d resource_lock[\u0027user_id\u0027])"},{"line_number":59,"context_line":"        return (different_user_owns_lock"},{"line_number":60,"context_line":"                and request_context[\u0027lock_context\u0027] !\u003d \u0027admin\u0027"},{"line_number":61,"context_line":"                and request_context[\u0027lock_context\u0027] !\u003d \u0027service\u0027)"},{"line_number":62,"context_line":""},{"line_number":63,"context_line":"    def get(self, context, lock_id):"},{"line_number":64,"context_line":"        \"\"\"Return resource lock with the specified id.\"\"\""}],"source_content_type":"text/x-python","patch_set":13,"id":"fb8478ac_fd7924d8","line":61,"range":{"start_line":56,"start_character":0,"end_line":61,"end_character":65},"in_reply_to":"86d9ea02_2e91dbce","updated":"2023-08-03 15:15:36.000000000","message":"Done","commit_id":"73ec6aae514208bd99cf659bbe48d4022e3be1ea"},{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"d3284491307594adc91d941509ba7d941b4d8c11","unresolved":true,"context_lines":[{"line_number":161,"context_line":"        return self.db.resource_lock_update(context, lock_id, updates)"},{"line_number":162,"context_line":""},{"line_number":163,"context_line":"    def delete(self, context, lock_id):"},{"line_number":164,"context_line":"        \"\"\"Delete resource lock with the specified id.\"\"\""},{"line_number":165,"context_line":"        resource_lock \u003d self.db.resource_lock_get(context, lock_id)"},{"line_number":166,"context_line":"        policy.check_policy(context, \u0027resource_lock\u0027, \u0027delete\u0027, resource_lock)"},{"line_number":167,"context_line":"        self._check_allow_lock_manipulation(context, resource_lock)"}],"source_content_type":"text/x-python","patch_set":18,"id":"79831831_b688b87c","side":"PARENT","line":164,"range":{"start_line":164,"start_character":0,"end_line":164,"end_character":57},"updated":"2023-08-21 22:36:57.000000000","message":"please restore docstring","commit_id":"090c2f73c4393083a4a71e39314625ea592b0e0a"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"ee7cea4c23440980cf8e39983610165ee537e314","unresolved":false,"context_lines":[{"line_number":161,"context_line":"        return self.db.resource_lock_update(context, lock_id, updates)"},{"line_number":162,"context_line":""},{"line_number":163,"context_line":"    def delete(self, context, lock_id):"},{"line_number":164,"context_line":"        \"\"\"Delete resource lock with the specified id.\"\"\""},{"line_number":165,"context_line":"        resource_lock \u003d self.db.resource_lock_get(context, lock_id)"},{"line_number":166,"context_line":"        policy.check_policy(context, \u0027resource_lock\u0027, \u0027delete\u0027, resource_lock)"},{"line_number":167,"context_line":"        self._check_allow_lock_manipulation(context, resource_lock)"}],"source_content_type":"text/x-python","patch_set":18,"id":"4c461692_3d4fa752","side":"PARENT","line":164,"range":{"start_line":164,"start_character":0,"end_line":164,"end_character":57},"in_reply_to":"79831831_b688b87c","updated":"2023-08-23 15:13:47.000000000","message":"Done","commit_id":"090c2f73c4393083a4a71e39314625ea592b0e0a"},{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"d3284491307594adc91d941509ba7d941b4d8c11","unresolved":true,"context_lines":[{"line_number":92,"context_line":"        except exception.NotAuthorized:"},{"line_number":93,"context_line":"            return True"},{"line_number":94,"context_line":""},{"line_number":95,"context_line":"        requester_is_admin_or_service \u003d context.is_admin or context.is_service"},{"line_number":96,"context_line":"        locked_by \u003d resource_lock[\u0027lock_context\u0027]"},{"line_number":97,"context_line":""},{"line_number":98,"context_line":"        if not requester_is_admin_or_service and ("},{"line_number":99,"context_line":"                locked_by \u003d\u003d \u0027user\u0027"},{"line_number":100,"context_line":"                and not context.user_id \u003d\u003d resource_lock[\u0027user_id\u0027]):"},{"line_number":101,"context_line":"            return True"},{"line_number":102,"context_line":""},{"line_number":103,"context_line":"        return False"},{"line_number":104,"context_line":""}],"source_content_type":"text/x-python","patch_set":18,"id":"f39defab_74acfa61","line":101,"range":{"start_line":95,"start_character":8,"end_line":101,"end_character":23},"updated":"2023-08-21 22:36:57.000000000","message":"this is quite confusing and you\u0027re missing \"project_id\" enforcement; i suggest implementing an RBAC rule instead and using that to enforce this logic. Something like:\n\n```\n policy.check_policy(context, \n                     \u0027resource_lock\u0027, \n                     \u0027bypass_locked_action\u0027, \n                     resource_lock)\n```\n\nthe rule is going to be similar to the policy for \"update\" or \"delete\"","commit_id":"7d2c0a3d39debfa9822baa28f135b43ba6ff4276"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"ee7cea4c23440980cf8e39983610165ee537e314","unresolved":false,"context_lines":[{"line_number":92,"context_line":"        except exception.NotAuthorized:"},{"line_number":93,"context_line":"            return True"},{"line_number":94,"context_line":""},{"line_number":95,"context_line":"        requester_is_admin_or_service \u003d context.is_admin or context.is_service"},{"line_number":96,"context_line":"        locked_by \u003d resource_lock[\u0027lock_context\u0027]"},{"line_number":97,"context_line":""},{"line_number":98,"context_line":"        if not requester_is_admin_or_service and ("},{"line_number":99,"context_line":"                locked_by \u003d\u003d \u0027user\u0027"},{"line_number":100,"context_line":"                and not context.user_id \u003d\u003d resource_lock[\u0027user_id\u0027]):"},{"line_number":101,"context_line":"            return True"},{"line_number":102,"context_line":""},{"line_number":103,"context_line":"        return False"},{"line_number":104,"context_line":""}],"source_content_type":"text/x-python","patch_set":18,"id":"04aae634_aebff6ae","line":101,"range":{"start_line":95,"start_character":8,"end_line":101,"end_character":23},"in_reply_to":"f39defab_74acfa61","updated":"2023-08-23 15:13:47.000000000","message":"Done","commit_id":"7d2c0a3d39debfa9822baa28f135b43ba6ff4276"},{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"d3284491307594adc91d941509ba7d941b4d8c11","unresolved":true,"context_lines":[{"line_number":141,"context_line":"               resource_action\u003dNone, lock_reason\u003dNone, resource\u003dNone):"},{"line_number":142,"context_line":"        \"\"\"Create a resource lock with the specified information.\"\"\""},{"line_number":143,"context_line":"        get_res_method \u003d getattr(self.db, self.resource_get[resource_type])"},{"line_number":144,"context_line":"        if (resource_type"},{"line_number":145,"context_line":"                and resource_action \u003d\u003d constants.RESOURCE_ACTION_SHOW):"},{"line_number":146,"context_line":"            # We can\u0027t allow access rules visibility lock to be placed more"},{"line_number":147,"context_line":"            # than once, otherwise the rule might become visible to someone"},{"line_number":148,"context_line":"            # else."}],"source_content_type":"text/x-python","patch_set":18,"id":"144cd04e_e2b2f69c","line":145,"range":{"start_line":144,"start_character":8,"end_line":145,"end_character":71},"updated":"2023-08-21 22:36:57.000000000","message":"no need for resource_type check; \"show\" locks will only make sense if there is one no matter the resource type (i.e., when we allow more resource types in the future..)","commit_id":"7d2c0a3d39debfa9822baa28f135b43ba6ff4276"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"ee7cea4c23440980cf8e39983610165ee537e314","unresolved":false,"context_lines":[{"line_number":141,"context_line":"               resource_action\u003dNone, lock_reason\u003dNone, resource\u003dNone):"},{"line_number":142,"context_line":"        \"\"\"Create a resource lock with the specified information.\"\"\""},{"line_number":143,"context_line":"        get_res_method \u003d getattr(self.db, self.resource_get[resource_type])"},{"line_number":144,"context_line":"        if (resource_type"},{"line_number":145,"context_line":"                and resource_action \u003d\u003d constants.RESOURCE_ACTION_SHOW):"},{"line_number":146,"context_line":"            # We can\u0027t allow access rules visibility lock to be placed more"},{"line_number":147,"context_line":"            # than once, otherwise the rule might become visible to someone"},{"line_number":148,"context_line":"            # else."}],"source_content_type":"text/x-python","patch_set":18,"id":"49698346_c1b5de55","line":145,"range":{"start_line":144,"start_character":8,"end_line":145,"end_character":71},"in_reply_to":"144cd04e_e2b2f69c","updated":"2023-08-23 15:13:47.000000000","message":"Done","commit_id":"7d2c0a3d39debfa9822baa28f135b43ba6ff4276"},{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"300dc9102fe2eca87c1e17f4e443995dba9d9221","unresolved":true,"context_lines":[{"line_number":142,"context_line":"        get_res_method \u003d getattr(self.db, self.resource_get[resource_type])"},{"line_number":143,"context_line":"        if resource_action \u003d\u003d constants.RESOURCE_ACTION_SHOW:"},{"line_number":144,"context_line":"            # We can\u0027t allow visibility locks to be placed more than once,"},{"line_number":145,"context_line":"            # otherwise the rule might become visible to someone else."},{"line_number":146,"context_line":"            visibility_locks, __ \u003d self.db.resource_lock_get_all("},{"line_number":147,"context_line":"                context.elevated(),"},{"line_number":148,"context_line":"                filters\u003d{\u0027resource_id\u0027: resource_id,"}],"source_content_type":"text/x-python","patch_set":20,"id":"012ecae8_14c1aba8","line":145,"range":{"start_line":145,"start_character":28,"end_line":145,"end_character":32},"updated":"2023-08-23 23:20:18.000000000","message":"resource","commit_id":"8f77d88da8c91a1b5f39da7a621152b3b7e98492"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"288b0913878f3112b5d37231e4ce9d8b2b8a1454","unresolved":false,"context_lines":[{"line_number":142,"context_line":"        get_res_method \u003d getattr(self.db, self.resource_get[resource_type])"},{"line_number":143,"context_line":"        if resource_action \u003d\u003d constants.RESOURCE_ACTION_SHOW:"},{"line_number":144,"context_line":"            # We can\u0027t allow visibility locks to be placed more than once,"},{"line_number":145,"context_line":"            # otherwise the rule might become visible to someone else."},{"line_number":146,"context_line":"            visibility_locks, __ \u003d self.db.resource_lock_get_all("},{"line_number":147,"context_line":"                context.elevated(),"},{"line_number":148,"context_line":"                filters\u003d{\u0027resource_id\u0027: resource_id,"}],"source_content_type":"text/x-python","patch_set":20,"id":"071c2e6c_f43de47c","line":145,"range":{"start_line":145,"start_character":28,"end_line":145,"end_character":32},"in_reply_to":"012ecae8_14c1aba8","updated":"2023-08-24 17:55:19.000000000","message":"Done","commit_id":"8f77d88da8c91a1b5f39da7a621152b3b7e98492"}],"manila/share/access.py":[{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"300dc9102fe2eca87c1e17f4e443995dba9d9221","unresolved":true,"context_lines":[{"line_number":390,"context_line":"        if delete_rules:"},{"line_number":391,"context_line":"            self._delete_access_rules_locks(context, delete_rules)"},{"line_number":392,"context_line":""},{"line_number":393,"context_line":"        self.delete_share_instance_access_rules("},{"line_number":394,"context_line":"            context, delete_rules, share_instance_id\u003dshare_instance[\u0027id\u0027])"},{"line_number":395,"context_line":""},{"line_number":396,"context_line":"        self._loop_for_refresh_else_update_access_rules_status("},{"line_number":397,"context_line":"            context, share_instance_id, share_server)"}],"source_content_type":"text/x-python","patch_set":20,"id":"ee92d435_66e466dc","line":394,"range":{"start_line":393,"start_character":8,"end_line":394,"end_character":74},"updated":"2023-08-23 23:20:18.000000000","message":"is it possible to clean up the locks within the db layer? we do stuff like this when we delete shares with rules, or shares with metadata etc","commit_id":"8f77d88da8c91a1b5f39da7a621152b3b7e98492"},{"author":{"_account_id":29632,"name":"Carlos Eduardo","email":"ces.eduardo98@gmail.com","username":"silvacarlos"},"change_message_id":"288b0913878f3112b5d37231e4ce9d8b2b8a1454","unresolved":false,"context_lines":[{"line_number":390,"context_line":"        if delete_rules:"},{"line_number":391,"context_line":"            self._delete_access_rules_locks(context, delete_rules)"},{"line_number":392,"context_line":""},{"line_number":393,"context_line":"        self.delete_share_instance_access_rules("},{"line_number":394,"context_line":"            context, delete_rules, share_instance_id\u003dshare_instance[\u0027id\u0027])"},{"line_number":395,"context_line":""},{"line_number":396,"context_line":"        self._loop_for_refresh_else_update_access_rules_status("},{"line_number":397,"context_line":"            context, share_instance_id, share_server)"}],"source_content_type":"text/x-python","patch_set":20,"id":"b5d24785_4da34fc5","line":394,"range":{"start_line":393,"start_character":8,"end_line":394,"end_character":74},"in_reply_to":"ee92d435_66e466dc","updated":"2023-08-24 17:55:19.000000000","message":"yes, it is possible :)","commit_id":"8f77d88da8c91a1b5f39da7a621152b3b7e98492"}]}