Add policy for limit model protection
We plan to expose the enforcement model a deployment is using via the limit API. This commit prepares for that implementation by introducing the policy for it. Change-Id: I03c9cec3646ee354ebcdd4ddc1168e00d611171b Related-Bug: 1765193
This commit is contained in:
parent
c0b0b25e42
commit
0022adb6ae
@ -36,6 +36,8 @@ identity:list_limits GET /v3/limits
|
||||
identity:create_limits POST /v3/limits
|
||||
identity:update_limit PATCH /v3/limits/{limit_id}
|
||||
identity:delete_limit DELETE /v3/limits/{limit_id}
|
||||
identity:get_limit_model GET /v3/limits/model
|
||||
HEAD /v3/limits/model
|
||||
|
||||
identity:get_domain GET /v3/domains/{domain_id}
|
||||
identity:list_domains GET /v3/domains
|
||||
|
@ -34,6 +34,7 @@
|
||||
"identity:update_registered_limit": "rule:admin_required",
|
||||
"identity:delete_registered_limit": "rule:admin_required",
|
||||
|
||||
"identity:get_limit_model": "",
|
||||
"identity:get_limit": "",
|
||||
"identity:list_limits": "",
|
||||
"identity:create_limits": "rule:admin_required",
|
||||
|
@ -15,6 +15,15 @@ from oslo_policy import policy
|
||||
from keystone.common.policies import base
|
||||
|
||||
limit_policies = [
|
||||
policy.DocumentedRuleDefault(
|
||||
name=base.IDENTITY % 'get_limit_model',
|
||||
check_str='',
|
||||
scope_types=['system', 'project'],
|
||||
description='Get limit enforcement model.',
|
||||
operations=[{'path': '/v3/limits/model',
|
||||
'method': 'GET'},
|
||||
{'path': '/v3/limits/model',
|
||||
'method': 'HEAD'}]),
|
||||
policy.DocumentedRuleDefault(
|
||||
name=base.IDENTITY % 'get_limit',
|
||||
check_str='',
|
||||
|
Loading…
Reference in New Issue
Block a user