Remove registered limit policies from policy.v3cloudsample.json
By incorporating system-scope and default roles, we've effectively made these policies obsolete. We can simplify what we maintain and provide a more consistent, unified view of default registered limit behavior by removing them. Change-Id: I1ee7fb53a71361966584363687051615dc832329 Related-Bug: 1805880
This commit is contained in:
parent
bd2b7f3ed5
commit
7af769278a
|
@ -28,12 +28,6 @@
|
|||
"identity:update_endpoint": "rule:cloud_admin",
|
||||
"identity:delete_endpoint": "rule:cloud_admin",
|
||||
|
||||
"identity:get_registered_limit": "",
|
||||
"identity:list_registered_limits": "",
|
||||
"identity:create_registered_limits": "rule:admin_required",
|
||||
"identity:update_registered_limit": "rule:admin_required",
|
||||
"identity:delete_registered_limit": "rule:admin_required",
|
||||
|
||||
"identity:get_limit_model": "",
|
||||
"identity:get_limit": "",
|
||||
"identity:list_limits": "",
|
||||
|
|
|
@ -185,7 +185,12 @@ class PolicyJsonTestCase(unit.TestCase):
|
|||
'identity:get_credential',
|
||||
'identity:list_credentials',
|
||||
'identity:update_credential',
|
||||
'identity:delete_credential'
|
||||
'identity:delete_credential',
|
||||
'identity:create_registered_limits',
|
||||
'identity:get_registered_limit',
|
||||
'identity:list_registered_limits',
|
||||
'identity:update_registered_limit',
|
||||
'identity:delete_registered_limit'
|
||||
]
|
||||
policy_keys = self._get_default_policy_rules()
|
||||
for p in removed_policies:
|
||||
|
|
|
@ -0,0 +1,14 @@
|
|||
---
|
||||
upgrade:
|
||||
- |
|
||||
[`bug 1805880 <https://bugs.launchpad.net/keystone/+bug/1805880>`_]
|
||||
The registered limit policies defined in ``policy.v3cloudsample.json``
|
||||
have been removed. These policies are now obsolete after incorporating
|
||||
system-scope into the registered limit API and implementing default roles.
|
||||
fixes:
|
||||
- |
|
||||
[`bug 1805880 <https://bugs.launchpad.net/keystone/+bug/1805880>`_]
|
||||
The registered limit policies in ``policy.v3cloudsample.json`` policy
|
||||
file have been removed in favor of better defaults in code. These
|
||||
policies weren't tested exhaustively and were misleading to users
|
||||
and operators.
|
Loading…
Reference in New Issue