Add permissions explanation to quickstart doc

* Also fixes part of the example which showed having a custom permission that could not exist in the way that django_openstack_auth's keystone backend was implemented. Change-Id: I46e748302d34f82648ef6690e2d5db4618487a6a Closes-Bug: #1605842
2017-09-05 13:44:17 +12:00 · 2017-09-05 13:44:17 +12:00 · 4d32b1fbe9
parent 99cd5bb25c
commit 4d32b1fbe9
1 changed files with 6 additions and 1 deletions
--- a/doc/source/contributor/quickstart.rst
+++ b/doc/source/contributor/quickstart.rst
@ -308,7 +308,7 @@ you register it in a ``panel.py`` file
    class Images(horizon.Panel):
        name = "Images"
        slug = 'images'
-        permissions = ('openstack.roles.admin', 'my.openstack.permission',)
+        permissions = ('openstack.roles.admin', 'openstack.service.image')
        policy_rules = (('endpoint', 'endpoint:rule'),)

    # You could also register your panel with another application's dashboard
@ -318,3 +318,8 @@ By default a :class:`~horizon.Panel` class looks for a ``urls.py`` file in the
 same directory as ``panel.py`` to include in the rollup of url patterns from
 panels to dashboards to Horizon, resulting in a wholly extensible, configurable
 URL structure.
+
+Policy rules are defined in ``horizon/openstack_dashboard/conf/``. Permissions
+are inherited from Keystone and take either the form
+'openstack.roles.role_name' or 'openstack.services.service_name' for the user's
+roles in keystone and the services in their service catalog.