openstack/blazar
Code Issues Proposed changes
16d5f67ba7
blazar/etc/policy.json
sbauza 8443312186 Policy management for Climate 
Implements policies in Climate with unittests based on Oslo.
Tight integration with Context as it will populate to Context
if user is admin or not based on policy.json

In order to make that work, please add policy.json to /etc/climate

Decorator @policy.authorize allows enforcing policy checks on
controllers.

Implements bp:climate-policy

Change-Id: I94e8fa142e5c5d830b0bea9278e5a47f9904db4c
2014-01-07 12:31:39 +01:00

21 lines
623 B
JSON
Raw Blame History

{
"admin": "is_admin:True or role:admin or role:masterofuniverse",
"admin_or_owner": "rule:admin or tenant_id:%(tenant_id)s",
"default": "!",
"admin_api": "rule:admin",
"climate:leases:get": "rule:admin_or_owner",
"climate:leases:create": "rule:admin_or_owner",
"climate:leases:delete": "rule:admin_or_owner",
"climate:leases:update": "rule:admin_or_owner",
"climate:plugins:get": "@",
"climate:oshosts:get": "rule:admin_or_owner",
"climate:oshosts:create": "rule:admin_api",
"climate:oshosts:delete": "rule:admin_api",
"climate:oshosts:update": "rule:admin_api"
}
View Git Blame Copy Permalink