policy.v3cloudsample.json: remove redundant blank space
Change-Id: Ieb7fb108889f5ce2bfb2e137d4e5551e8d9bb5d7 Signed-off-by: Chengwei Yang <yangchengwei@qiyi.com>
This commit is contained in:
parent
6d0f94891f
commit
ef4f8363c2
@ -3,7 +3,7 @@
|
|||||||
"cloud_admin": "role:admin and (is_admin_project:True or domain_id:admin_domain_id)",
|
"cloud_admin": "role:admin and (is_admin_project:True or domain_id:admin_domain_id)",
|
||||||
"service_role": "role:service",
|
"service_role": "role:service",
|
||||||
"service_or_admin": "rule:admin_required or rule:service_role",
|
"service_or_admin": "rule:admin_required or rule:service_role",
|
||||||
"owner" : "user_id:%(user_id)s or user_id:%(target.token.user_id)s",
|
"owner": "user_id:%(user_id)s or user_id:%(target.token.user_id)s",
|
||||||
"admin_or_owner": "(rule:admin_required and domain_id:%(target.token.user.domain.id)s) or rule:owner",
|
"admin_or_owner": "(rule:admin_required and domain_id:%(target.token.user.domain.id)s) or rule:owner",
|
||||||
"admin_and_matching_domain_id": "rule:admin_required and domain_id:%(domain_id)s",
|
"admin_and_matching_domain_id": "rule:admin_required and domain_id:%(domain_id)s",
|
||||||
"service_admin_or_owner": "rule:service_or_admin or rule:owner",
|
"service_admin_or_owner": "rule:service_or_admin or rule:owner",
|
||||||
@ -123,9 +123,9 @@
|
|||||||
"domain_admin_for_list_grants": "rule:admin_required and rule:domain_admin_grant_match",
|
"domain_admin_for_list_grants": "rule:admin_required and rule:domain_admin_grant_match",
|
||||||
"project_admin_for_list_grants": "rule:admin_required and project_id:%(project_id)s",
|
"project_admin_for_list_grants": "rule:admin_required and project_id:%(project_id)s",
|
||||||
|
|
||||||
"admin_on_domain_filter" : "rule:admin_required and domain_id:%(scope.domain.id)s",
|
"admin_on_domain_filter": "rule:admin_required and domain_id:%(scope.domain.id)s",
|
||||||
"admin_on_project_filter" : "rule:admin_required and project_id:%(scope.project.id)s",
|
"admin_on_project_filter": "rule:admin_required and project_id:%(scope.project.id)s",
|
||||||
"admin_on_domain_of_project_filter" : "rule:admin_required and domain_id:%(target.project.domain_id)s",
|
"admin_on_domain_of_project_filter": "rule:admin_required and domain_id:%(target.project.domain_id)s",
|
||||||
"identity:list_role_assignments": "rule:cloud_admin or rule:admin_on_domain_filter or rule:admin_on_project_filter",
|
"identity:list_role_assignments": "rule:cloud_admin or rule:admin_on_domain_filter or rule:admin_on_project_filter",
|
||||||
"identity:list_role_assignments_for_tree": "rule:cloud_admin or rule:admin_on_domain_of_project_filter",
|
"identity:list_role_assignments_for_tree": "rule:cloud_admin or rule:admin_on_domain_of_project_filter",
|
||||||
"identity:get_policy": "rule:cloud_admin",
|
"identity:get_policy": "rule:cloud_admin",
|
||||||
|
Loading…
Reference in New Issue
Block a user