openstack
/
keystone
Code Issues Proposed changes
keystone/keystone/common/policies
History
Lance Bragstad 40d3458fcb Implement system reader role for users 
This commit introduces the system reader role to the users API, making
it easier for administrators to delegate subsets of responsibilities
to the API by default. This commit also maintains the ability for
any user to be able to fetch their own user reference.

Subsequent patches will incorporate:

  - system member test coverage
  - system admin functionality
  - domain reader functionality
  - domain member test coverage
  - domain admin functionality
  - project user test coverage

Change-Id: I9c362e515772540dfa93d05781d955009b9a154d
Partial-Bug: 1805406
Partial-Bug: 1748027
Partial-Bug: 968696
 		2019-02-04 19:52:45 +00:00
..
__init__.py Add Application Credentials controller 2018-01-27 11:55:05 +01:00
access_token.py Add scope_types to oauth policies 2018-01-05 22:25:05 +00:00
application_credential.py Add Application Credentials controller 2018-01-27 11:55:05 +01:00
auth.py Implement GET /v3/auth/system 2018-01-24 01:09:16 +00:00
base.py Add scope checks to common system role definitions 2018-12-18 21:20:29 +00:00
consumer.py Add scope_types to oauth policies 2018-01-05 22:25:05 +00:00
credential.py Implement scope_type checking for credentials 2018-10-29 15:01:29 +00:00
domain.py Allow project users to retrieve domains 2019-01-21 20:46:05 +00:00
domain_config.py Add scope_types to domain config policies 2018-01-19 20:17:30 +00:00
ec2_credential.py Document scope_types for ec2 policies 2018-01-19 22:30:35 +00:00
endpoint.py Update endpoint policies for system reader 2019-01-08 22:28:46 +00:00
endpoint_group.py Add scope_types to endpoint group policies 2018-01-05 21:47:10 +00:00
grant.py Merge "Add scope_types to grant policies" 2018-01-26 21:48:27 +00:00
group.py Add scope_types to group policies 2018-01-19 20:20:06 +00:00
identity_provider.py Update idp policies for system reader 2019-01-08 22:09:31 +00:00
implied_role.py Add scope_types to implied role policies 2018-01-04 21:32:18 +00:00
limit.py Add policy for limit model protection 2018-06-19 20:27:00 +08:00
mapping.py Update mapping policies for system reader 2019-01-08 22:18:44 +00:00
policy.py Add scope_types for policy policies 2018-01-05 22:25:55 +00:00
policy_association.py Add scope_types to policy association policies 2018-01-04 20:37:30 +00:00
project.py Implement system admin role in project API 2019-01-07 20:48:11 +00:00
project_endpoint.py Add scope_types to project endpoint policies 2018-01-04 21:04:09 +00:00
protocol.py Add scope_types to protocol policies 2018-01-04 21:11:19 +00:00
region.py Add scope_types to region policies 2018-01-04 16:11:54 +00:00
registered_limit.py Allow domain users to access the registered limits API 2019-01-08 18:16:07 +00:00
revoke_event.py Add scope_types for revoke event policies 2018-01-04 21:14:16 +00:00
role.py Update role policies for system reader 2018-12-04 15:45:42 +00:00
role_assignment.py Add scope_types to role assignment policies 2018-01-23 15:54:24 +00:00
service.py Add scope_types to service policies 2018-01-04 19:46:10 +00:00
service_provider.py Update service provider policies for system admin 2019-01-04 17:58:31 +00:00
token.py Remove v2.0 policies 2018-02-20 22:38:17 +00:00
token_revocation.py Add scope_types to token revocation policies 2018-01-05 21:53:24 +00:00
trust.py Add scope_types to trust policies 2018-01-23 16:36:24 +00:00
user.py Implement system reader role for users 2019-02-04 19:52:45 +00:00