Comment 29 for bug 1617918

"the last scenario will still make GET /v1/resources/uuid return different resources depending auth headers right? i think that's kind of weird to be honest."

No, because the ID is a primary key, so all resources have a unique id.

The thing is that if you do:
$ gnocchi resource create foobar
as user "jd", the resource id will be computed based on (foobar, jd) and let's say abc123.

If you gordc create a resource with:
$ gnocchi resource create foobar
your resource id will be (foobar, gordc) and it'll be let's say def456.

If I want to access your resource because e.g. you set a project_id to something that we both share <3 I can do:

$ gnocchi resource show foobar --created-by gordc
and in this case the client will compute the UUID with (foobar, gordc), which will show me the resource you created.

So all the ID are computed client side so that works.

The only case where what you describe happen is if I use the UUID computing on the server side, e.g. GET /v1/resource/instance/foobar, i.e. using "foobar" rather than the computed id. In this case the server will compute the uuid to get in the indexser using (foobar, jd).

Is this clearer?