Move credential policies to DocumentedRuleDefault
A new policy class was introduce that requires additional parameters when defining policy objects. This patch switches our credential policy object to the policy.DocumentedRuleDefault and fills the required policy parameters as needed. Change-Id: I52215694a753dcb4761421d8306700cf35491342 Partially-Implements: bp policy-docs
This commit is contained in:
parent
9034755743
commit
498ddaa818
|
@ -15,21 +15,36 @@ from oslo_policy import policy
|
|||
from keystone.common.policies import base
|
||||
|
||||
credential_policies = [
|
||||
policy.RuleDefault(
|
||||
policy.DocumentedRuleDefault(
|
||||
name=base.IDENTITY % 'get_credential',
|
||||
check_str=base.RULE_ADMIN_REQUIRED),
|
||||
policy.RuleDefault(
|
||||
check_str=base.RULE_ADMIN_REQUIRED,
|
||||
description='Show credentials details.',
|
||||
operations=[{'path': '/v3/credentials/{credential_id}',
|
||||
'method': 'GET'}]),
|
||||
policy.DocumentedRuleDefault(
|
||||
name=base.IDENTITY % 'list_credentials',
|
||||
check_str=base.RULE_ADMIN_REQUIRED),
|
||||
policy.RuleDefault(
|
||||
check_str=base.RULE_ADMIN_REQUIRED,
|
||||
description='List credentials.',
|
||||
operations=[{'path': '/v3/credentials',
|
||||
'method': 'GET'}]),
|
||||
policy.DocumentedRuleDefault(
|
||||
name=base.IDENTITY % 'create_credential',
|
||||
check_str=base.RULE_ADMIN_REQUIRED),
|
||||
policy.RuleDefault(
|
||||
check_str=base.RULE_ADMIN_REQUIRED,
|
||||
description='Create credential.',
|
||||
operations=[{'path': '/v3/credentials',
|
||||
'method': 'POST'}]),
|
||||
policy.DocumentedRuleDefault(
|
||||
name=base.IDENTITY % 'update_credential',
|
||||
check_str=base.RULE_ADMIN_REQUIRED),
|
||||
policy.RuleDefault(
|
||||
check_str=base.RULE_ADMIN_REQUIRED,
|
||||
description='Update credential.',
|
||||
operations=[{'path': '/v3/credentials/{credential_id}',
|
||||
'method': 'PATCH'}]),
|
||||
policy.DocumentedRuleDefault(
|
||||
name=base.IDENTITY % 'delete_credential',
|
||||
check_str=base.RULE_ADMIN_REQUIRED)
|
||||
check_str=base.RULE_ADMIN_REQUIRED,
|
||||
description='Delete credential.',
|
||||
operations=[{'path': '/v3/credentials/{credential_id}',
|
||||
'method': 'DELETE'}])
|
||||
]
|
||||
|
||||
|
||||
|
|
Loading…
Reference in New Issue