openstack/horizon
Code Issues Proposed changes
0f9d94e30f
horizon/openstack_dashboard/conf/neutron_policy.json
Akihiro Motoki f06e401adf Add HA mode support for Neutron router 
HA (high availability) mode support is one of the important topics in
Neutron Juno, and this patch adds HA router mode support to Horizon.

This commit also changes the default value of enable_distributed_router
in the example local_settings.py to False. In Juno release of Neutron,
the distributed router and L3 HA mode cannot be enabled at the same
time and only L3-agent deployment with L3 Router service plugin
support both features. Thus I believe it is reasonable to make both
options default to False to avoid unnecessary confusions to operators.

Closes-Bug: #1370110
Change-Id: I77b0292b761f08b4580846f6d58443f7df9a1f6b
2014-09-26 17:08:26 +09:00

179 lines
7.3 KiB
JSON
Raw Blame History

{
"context_is_admin": "role:admin",
"admin_or_owner": "rule:context_is_admin or project_id:%(project_id)s",
"admin_or_network_owner": "rule:context_is_admin or project_id:%(network:project_id)s",
"admin_only": "rule:context_is_admin",
"regular_user": "",
"shared": "field:networks:shared=True",
"shared_firewalls": "field:firewalls:shared=True",
"external": "field:networks:router:external=True",
"default": "rule:admin_or_owner",
"subnets:private:read": "rule:admin_or_owner",
"subnets:private:write": "rule:admin_or_owner",
"subnets:shared:read": "rule:regular_user",
"subnets:shared:write": "rule:admin_only",
"create_subnet": "rule:admin_or_network_owner",
"get_subnet": "rule:admin_or_owner or rule:shared",
"update_subnet": "rule:admin_or_network_owner",
"delete_subnet": "rule:admin_or_network_owner",
"create_network": "",
"get_network": "rule:admin_or_owner or rule:shared or rule:external",
"get_network:router:external": "rule:regular_user",
"get_network:segments": "rule:admin_only",
"get_network:provider:network_type": "rule:admin_only",
"get_network:provider:physical_network": "rule:admin_only",
"get_network:provider:segmentation_id": "rule:admin_only",
"get_network:queue_id": "rule:admin_only",
"create_network:shared": "rule:admin_only",
"create_network:router:external": "rule:admin_only",
"create_network:segments": "rule:admin_only",
"create_network:provider:network_type": "rule:admin_only",
"create_network:provider:physical_network": "rule:admin_only",
"create_network:provider:segmentation_id": "rule:admin_only",
"update_network": "rule:admin_or_owner",
"update_network:segments": "rule:admin_only",
"update_network:provider:network_type": "rule:admin_only",
"update_network:provider:physical_network": "rule:admin_only",
"update_network:provider:segmentation_id": "rule:admin_only",
"delete_network": "rule:admin_or_owner",
"create_port": "",
"create_port:mac_address": "rule:admin_or_network_owner",
"create_port:fixed_ips": "rule:admin_or_network_owner",
"create_port:port_security_enabled": "rule:admin_or_network_owner",
"create_port:binding:host_id": "rule:admin_only",
"create_port:binding:profile": "rule:admin_only",
"create_port:mac_learning_enabled": "rule:admin_or_network_owner",
"get_port": "rule:admin_or_owner",
"get_port:queue_id": "rule:admin_only",
"get_port:binding:vif_type": "rule:admin_only",
"get_port:binding:capabilities": "rule:admin_only",
"get_port:binding:host_id": "rule:admin_only",
"get_port:binding:profile": "rule:admin_only",
"update_port": "rule:admin_or_owner",
"update_port:fixed_ips": "rule:admin_or_network_owner",
"update_port:port_security_enabled": "rule:admin_or_network_owner",
"update_port:binding:host_id": "rule:admin_only",
"update_port:binding:profile": "rule:admin_only",
"update_port:mac_learning_enabled": "rule:admin_or_network_owner",
"delete_port": "rule:admin_or_owner",
"create_router:external_gateway_info:enable_snat": "rule:admin_only",
"update_router:external_gateway_info:enable_snat": "rule:admin_only",
"create_ikepolicy": "rule:admin_or_owner",
"update_ikepolicy": "rule:admin_or_owner",
"delete_ikepolicy": "rule:admin_or_owner",
"create_ipsecpolicy": "rule:admin_or_owner",
"update_ipsecpolicy": "rule:admin_or_owner",
"delete_ipsecpolicy": "rule:admin_or_owner",
"create_vpnservice": "rule:admin_or_owner",
"update_vpnservice": "rule:admin_or_owner",
"delete_vpnservice": "rule:admin_or_owner",
"create_ipsec_site_connection": "rule:admin_or_owner",
"update_ipsec_site_connection": "rule:admin_or_owner",
"delete_ipsec_site_connection": "rule:admin_or_owner",
"create_firewall": "",
"get_firewall": "rule:admin_or_owner",
"create_firewall:shared": "rule:admin_only",
"get_firewall:shared": "rule:admin_only",
"update_firewall": "rule:admin_or_owner",
"delete_firewall": "rule:admin_or_owner",
"create_firewall_policy": "",
"get_firewall_policy": "rule:admin_or_owner or rule:shared_firewalls",
"create_firewall_policy:shared": "rule:admin_or_owner",
"update_firewall_policy": "rule:admin_or_owner",
"delete_firewall_policy": "rule:admin_or_owner",
"create_firewall_rule": "",
"get_firewall_rule": "rule:admin_or_owner or rule:shared_firewalls",
"create_firewall_rule:shared": "rule:admin_or_owner",
"get_firewall_rule:shared": "rule:admin_or_owner",
"update_firewall_rule": "rule:admin_or_owner",
"delete_firewall_rule": "rule:admin_or_owner",
"insert_rule": "rule:admin_or_owner",
"remove_rule": "rule:admin_or_owner",
"create_qos_queue": "rule:admin_only",
"get_qos_queue": "rule:admin_only",
"update_agent": "rule:admin_only",
"delete_agent": "rule:admin_only",
"get_agent": "rule:admin_only",
"create_dhcp-network": "rule:admin_only",
"delete_dhcp-network": "rule:admin_only",
"get_dhcp-networks": "rule:admin_only",
"create_l3-router": "rule:admin_only",
"delete_l3-router": "rule:admin_only",
"get_l3-routers": "rule:admin_only",
"get_dhcp-agents": "rule:admin_only",
"get_l3-agents": "rule:admin_only",
"get_loadbalancer-agent": "rule:admin_only",
"get_loadbalancer-pools": "rule:admin_only",
"create_pool": "rule:admin_or_owner",
"update_pool": "rule:admin_or_owner",
"delete_pool": "rule:admin_or_owner",
"create_vip": "rule:admin_or_owner",
"update_vip": "rule:admin_or_owner",
"delete_vip": "rule:admin_or_owner",
"create_member": "rule:admin_or_owner",
"update_member": "rule:admin_or_owner",
"delete_member": "rule:admin_or_owner",
"create_health_monitor": "rule:admin_or_owner",
"update_health_monitor": "rule:admin_or_owner",
"delete_health_monitor": "rule:admin_or_owner",
"create_pool_health_monitor": "rule:admin_or_owner",
"delete_pool_health_monitor": "rule:admin_or_owner",
"create_router": "rule:regular_user",
"get_router": "rule:admin_or_owner",
"update_router": "rule:admin_or_owner",
"add_router_interface": "rule:admin_or_owner",
"remove_router_interface": "rule:admin_or_owner",
"delete_router": "rule:admin_or_owner",
"get_router:distributed": "rule:admin_only",
"create_router:distributed": "rule:admin_only",
"update_router:distributed": "rule:admin_only",
"get_router:ha": "rule:admin_only",
"create_router:ha": "rule:admin_only",
"update_router:ha": "rule:admin_only",
"create_floatingip": "rule:regular_user",
"update_floatingip": "rule:admin_or_owner",
"delete_floatingip": "rule:admin_or_owner",
"get_floatingip": "rule:admin_or_owner",
"create_network_profile": "rule:admin_only",
"update_network_profile": "rule:admin_only",
"delete_network_profile": "rule:admin_only",
"get_network_profiles": "",
"get_network_profile": "",
"update_policy_profiles": "rule:admin_only",
"get_policy_profiles": "",
"get_policy_profile": "",
"create_metering_label": "rule:admin_only",
"delete_metering_label": "rule:admin_only",
"get_metering_label": "rule:admin_only",
"create_metering_label_rule": "rule:admin_only",
"delete_metering_label_rule": "rule:admin_only",
"get_metering_label_rule": "rule:admin_only",
"get_service_provider": "rule:regular_user"
}
View Git Blame Copy Permalink