openstack/deb-designate
Code Issues Proposed changes
a25a6a98bc
deb-designate/etc/designate/policy.json
Graham Hayes f21daebe83 Enable X-Auth-Project flag in HTTP headers 
This also enables adding all_projects=true as part of the query string

This will set the "all_tenants" flag in the context, and does a policy
check to ensure the all_tenants is authorised

Closes-Bug: 1319112
Change-Id: Ic8c9a65a61784e0e08fa48961b7d6154d05fb11c
2014-07-21 11:22:17 +01:00

74 lines
2.2 KiB
JSON
Raw Blame History

{
"admin": "role:admin or is_admin:True",
"owner": "tenant:%(tenant_id)s",
"admin_or_owner": "rule:admin or rule:owner",
"default": "rule:admin_or_owner",
"all_tenants": "rule:admin",
"use_low_ttl": "rule:admin",
"get_quotas": "rule:admin_or_owner",
"get_quota": "rule:admin_or_owner",
"set_quota": "rule:admin",
"reset_quotas": "rule:admin",
"create_server": "rule:admin",
"find_servers": "rule:admin",
"get_server": "rule:admin",
"update_server": "rule:admin",
"delete_server": "rule:admin",
"create_tld": "rule:admin",
"find_tlds": "rule:admin",
"get_tld": "rule:admin",
"update_tld": "rule:admin",
"delete_tld": "rule:admin",
"create_tsigkey": "rule:admin",
"find_tsigkeys": "rule:admin",
"get_tsigkey": "rule:admin",
"update_tsigkey": "rule:admin",
"delete_tsigkey": "rule:admin",
"find_tenants": "rule:admin",
"get_tenant": "rule:admin",
"count_tenants": "rule:admin",
"create_domain": "rule:admin_or_owner",
"get_domains": "rule:admin_or_owner",
"get_domain": "rule:admin_or_owner",
"get_domain_servers": "rule:admin_or_owner",
"find_domains": "rule:admin_or_owner",
"find_domain": "rule:admin_or_owner",
"update_domain": "rule:admin_or_owner",
"delete_domain": "rule:admin_or_owner",
"count_domains": "rule:admin_or_owner",
"touch_domain": "rule:admin_or_owner",
"create_record": "rule:admin_or_owner",
"get_records": "rule:admin_or_owner",
"get_record": "rule:admin_or_owner",
"find_records": "rule:admin_or_owner",
"find_record": "rule:admin_or_owner",
"update_record": "rule:admin_or_owner",
"delete_record": "rule:admin_or_owner",
"count_records": "rule:admin_or_owner",
"use_sudo": "rule:admin",
"create_blacklist": "rule:admin",
"find_blacklist": "rule:admin",
"find_blacklists": "rule:admin",
"get_blacklist": "rule:admin",
"update_blacklist": "rule:admin",
"delete_blacklist": "rule:admin",
"use_blacklisted_domain": "rule:admin",
"diagnostics_ping": "rule:admin",
"diagnostics_sync_domains": "rule:admin",
"diagnostics_sync_domain": "rule:admin",
"diagnostics_sync_record": "rule:admin"
}
View Git Blame Copy Permalink