openstack
/
neutron-dynamic-routing
Code Issues Proposed changes

Add rule for updating network's router:external attribute 

Set admin_only rule for update_network:router:external in policy.json

Also, change the default value of router:external from attr.ATTR_NOT_SPECIFIED
to False, because each time we try to get or update a network the dict with
its attributes is extended by _extend_network_dict_l3 function which adds
router:external=False to the dict if this attribute is not specified.
Thus, if the default value is not specified, router:external is considered
to be updated in any case and the policy rule is applied.

Change-Id: I899d98c7d8c9d9863ac5d8f992b6a2d507ec4482
Closes-Bug: 1338880
This commit is contained in:
Elena Ezhova 2014-07-09 20:10:17 +04:00
parent a417731a67
commit e9a2f9034c
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
etc/policy.json
View File

@ -39,6 +39,7 @@
"update_network:provider:network_type": "rule:admin_only", "update_network:provider:network_type": "rule:admin_only",
"update_network:provider:physical_network": "rule:admin_only", "update_network:provider:physical_network": "rule:admin_only",
"update_network:provider:segmentation_id": "rule:admin_only", "update_network:provider:segmentation_id": "rule:admin_only",
"update_network:router:external": "rule:admin_only",
"delete_network": "rule:admin_or_owner", "delete_network": "rule:admin_or_owner",
"create_port": "", "create_port": "",