Merge "Remove system policy and its association from policy.v3cloudsample.json"
This commit is contained in:
Zuul
Gerrit Code Review
commit
6ef5272501
|
|
@ -59,29 +59,12 @@
|
|||
"admin_on_project_filter": "rule:admin_required and project_id:%(scope.project.id)s",
|
||||
"admin_on_domain_of_project_filter": "rule:admin_required and domain_id:%(target.project.domain_id)s",
|
||||
"identity:list_role_assignments_for_tree": "rule:cloud_admin or rule:admin_on_domain_of_project_filter",
|
||||
"identity:get_policy": "rule:cloud_admin",
|
||||
"identity:list_policies": "rule:cloud_admin",
|
||||
"identity:create_policy": "rule:cloud_admin",
|
||||
"identity:update_policy": "rule:cloud_admin",
|
||||
"identity:delete_policy": "rule:cloud_admin",
|
||||
|
||||
"identity:check_token": "rule:admin_or_owner",
|
||||
"identity:validate_token": "rule:service_admin_or_owner",
|
||||
"identity:validate_token_head": "rule:service_or_admin",
|
||||
"identity:revoke_token": "rule:admin_or_owner",
|
||||
|
||||
"identity:create_policy_association_for_endpoint": "rule:cloud_admin",
|
||||
"identity:check_policy_association_for_endpoint": "rule:cloud_admin",
|
||||
"identity:delete_policy_association_for_endpoint": "rule:cloud_admin",
|
||||
"identity:create_policy_association_for_service": "rule:cloud_admin",
|
||||
"identity:check_policy_association_for_service": "rule:cloud_admin",
|
||||
"identity:delete_policy_association_for_service": "rule:cloud_admin",
|
||||
"identity:create_policy_association_for_region_and_service": "rule:cloud_admin",
|
||||
"identity:check_policy_association_for_region_and_service": "rule:cloud_admin",
|
||||
"identity:delete_policy_association_for_region_and_service": "rule:cloud_admin",
|
||||
"identity:get_policy_for_endpoint": "rule:cloud_admin",
|
||||
"identity:list_endpoints_for_policy": "rule:cloud_admin",
|
||||
|
||||
"identity:create_domain_config": "rule:cloud_admin",
|
||||
"identity:get_domain_config": "rule:cloud_admin",
|
||||
"identity:update_domain_config": "rule:cloud_admin",
|
||||
|
|
|
|||
|
|
@ -323,7 +323,23 @@ class PolicyJsonTestCase(unit.TestCase):
|
|||
'identity:list_users_in_group',
|
||||
'identity:remove_user_from_group',
|
||||
'identity:check_user_in_group',
|
||||
'identity:add_user_to_group'
|
||||
'identity:add_user_to_group',
|
||||
'identity:get_policy',
|
||||
'identity:list_policies',
|
||||
'identity:create_policy',
|
||||
'identity:update_policy',
|
||||
'identity:delete_policy',
|
||||
'identity:create_policy_association_for_endpoint',
|
||||
'identity:check_policy_association_for_endpoint',
|
||||
'identity:delete_policy_association_for_endpoint',
|
||||
'identity:create_policy_association_for_service',
|
||||
'identity:check_policy_association_for_service',
|
||||
'identity:delete_policy_association_for_service',
|
||||
'identity:create_policy_association_for_region_and_service',
|
||||
'identity:check_policy_association_for_region_and_service',
|
||||
'identity:delete_policy_association_for_region_and_service',
|
||||
'identity:get_policy_for_endpoint',
|
||||
'identity:list_endpoints_for_policy'
|
||||
]
|
||||
policy_keys = self._get_default_policy_rules()
|
||||
for p in removed_policies:
|
||||
|
|
|
|||
Loading…
Reference in New Issue