File 0001-Fix-RBAC-and-ACL-access-for-managing-secret-containe.patch of Package openstack-barbican-doc

From f269b5d4056ff7574734b6bf86497e857557d990 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Douglas=20Mendiz=C3=A1bal?= <dmendiza@redhat.com>
Date: Wed, 31 Mar 2021 12:54:15 -0500
Subject: [PATCH] Fix RBAC and ACL access for managing secret containers

This patch adds the missing access control data to enforce access
control for adding/removing secrets in containers.

Change-Id: I6879f566117db5ec0099ddad35ba649a3c674bd1
(cherry picked from commit 922c68badaf5cc4b43862ab261119b68cdc68a37)
(cherry picked from commit c8d3c580143282935de36e4a5a1708ee9242f7be)
(cherry picked from commit ef281473652f2d8f2da1c9ebced34b2e723cff5b)
(cherry picked from commit c39bb67a746a5c35d138c04114c991c1e7fd7918)
(cherry picked from commit f22739f1bc6eb16934598f04e21442d153049774)
---
 barbican/api/controllers/containers.py | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/barbican/api/controllers/containers.py b/barbican/api/controllers/containers.py
index 7548b6a8..8dc5629c 100644
--- a/barbican/api/controllers/containers.py
+++ b/barbican/api/controllers/containers.py
@@ -235,6 +235,12 @@ class ContainersSecretsController(controllers.ACLMixin):
         self.secret_repo = repo.get_secret_repository()
         self.validator = validators.ContainerSecretValidator()
 
+    def get_acl_tuple(self, req, **kwargs):
+        acl = self.get_acl_dict_for_user(req, self.container.container_acls)
+        acl['project_id'] = self.container.project.external_id
+        acl['creator_id'] = self.container.creator_id
+        return ('container', acl)
+
     @pecan.expose(generic=True)
     def index(self, **kwargs):
         pecan.abort(405)  # HTTP 405 Method Not Allowed as default
-- 
2.25.1