0f82690ddd
Access rules rules allow API will now take three additional parameters: - lock_visibility: when True, only services, administrators and the same user will be able to see the content of ``access_to`` and access_key. - lock_deletion: when True, the access rule will be locked for deletion. Only services, administrators or the user that placed the lock will be able to drop the access rule. - lock_reason: a reason for the lock. This parameter should only be provided in the presence of at least one of the former parameters. In order to delete an access rule that is currently locked, the requester will need to specify ``unrestrict=True`` in the request. In case a service placed the restrictions, only the own service or the system administrator will be able to release it. This change also implements filters to the access list API. It is now possible to filter access rules based on `access_to`, `access_type`, `access_level` and `access_key`. DocImpact Change-Id: Iea422c9d6bc99a81cd88c5f4b7055d6a1cf97fdc
15 lines
348 B
JSON
15 lines
348 B
JSON
{
|
|
"allow_access": {
|
|
"access_level": "rw",
|
|
"access_type": "ip",
|
|
"access_to": "0.0.0.0/0",
|
|
"metadata":{
|
|
"key1": "value1",
|
|
"key2": "value2"
|
|
},
|
|
"lock_visibility": false,
|
|
"lock_deletion": true,
|
|
"lock_reason": "Locked for deletion until year end audit."
|
|
}
|
|
}
|