Re-order items in policy.json
Grouped similar items into create/get/update/delete order so they are easier to find, as some were even in separate blocks. Trivialfix Change-Id: I283cd31fadf26f00fb18ccffea19a6b59d4277a1
This commit is contained in:
parent
c16d15fff2
commit
06dab9d3b3
@ -39,6 +39,13 @@
|
|||||||
"delete_address_scope": "rule:admin_or_owner",
|
"delete_address_scope": "rule:admin_or_owner",
|
||||||
|
|
||||||
"create_network": "",
|
"create_network": "",
|
||||||
|
"create_network:shared": "rule:admin_only",
|
||||||
|
"create_network:router:external": "rule:admin_only",
|
||||||
|
"create_network:is_default": "rule:admin_only",
|
||||||
|
"create_network:segments": "rule:admin_only",
|
||||||
|
"create_network:provider:network_type": "rule:admin_only",
|
||||||
|
"create_network:provider:physical_network": "rule:admin_only",
|
||||||
|
"create_network:provider:segmentation_id": "rule:admin_only",
|
||||||
"get_network": "rule:admin_or_owner or rule:shared or rule:external or rule:context_is_advsvc",
|
"get_network": "rule:admin_or_owner or rule:shared or rule:external or rule:context_is_advsvc",
|
||||||
"get_network:router:external": "rule:regular_user",
|
"get_network:router:external": "rule:regular_user",
|
||||||
"get_network:segments": "rule:admin_only",
|
"get_network:segments": "rule:admin_only",
|
||||||
@ -48,13 +55,6 @@
|
|||||||
"get_network:queue_id": "rule:admin_only",
|
"get_network:queue_id": "rule:admin_only",
|
||||||
"get_network_ip_availabilities": "rule:admin_only",
|
"get_network_ip_availabilities": "rule:admin_only",
|
||||||
"get_network_ip_availability": "rule:admin_only",
|
"get_network_ip_availability": "rule:admin_only",
|
||||||
"create_network:shared": "rule:admin_only",
|
|
||||||
"create_network:router:external": "rule:admin_only",
|
|
||||||
"create_network:is_default": "rule:admin_only",
|
|
||||||
"create_network:segments": "rule:admin_only",
|
|
||||||
"create_network:provider:network_type": "rule:admin_only",
|
|
||||||
"create_network:provider:physical_network": "rule:admin_only",
|
|
||||||
"create_network:provider:segmentation_id": "rule:admin_only",
|
|
||||||
"update_network": "rule:admin_or_owner",
|
"update_network": "rule:admin_or_owner",
|
||||||
"update_network:segments": "rule:admin_only",
|
"update_network:segments": "rule:admin_only",
|
||||||
"update_network:shared": "rule:admin_only",
|
"update_network:shared": "rule:admin_only",
|
||||||
@ -99,17 +99,19 @@
|
|||||||
"update_port:data_plane_status": "rule:admin_or_data_plane_int",
|
"update_port:data_plane_status": "rule:admin_or_data_plane_int",
|
||||||
"delete_port": "rule:context_is_advsvc or rule:admin_owner_or_network_owner",
|
"delete_port": "rule:context_is_advsvc or rule:admin_owner_or_network_owner",
|
||||||
|
|
||||||
"get_router:ha": "rule:admin_only",
|
|
||||||
"create_router": "rule:regular_user",
|
"create_router": "rule:regular_user",
|
||||||
"create_router:external_gateway_info:enable_snat": "rule:admin_only",
|
"create_router:external_gateway_info:enable_snat": "rule:admin_only",
|
||||||
|
"create_router:external_gateway_info:external_fixed_ips": "rule:admin_only",
|
||||||
"create_router:distributed": "rule:admin_only",
|
"create_router:distributed": "rule:admin_only",
|
||||||
"create_router:ha": "rule:admin_only",
|
"create_router:ha": "rule:admin_only",
|
||||||
"get_router": "rule:admin_or_owner",
|
"get_router": "rule:admin_or_owner",
|
||||||
|
"get_router:ha": "rule:admin_only",
|
||||||
"get_router:distributed": "rule:admin_only",
|
"get_router:distributed": "rule:admin_only",
|
||||||
"update_router": "rule:admin_or_owner",
|
"update_router": "rule:admin_or_owner",
|
||||||
"update_router:external_gateway_info": "rule:admin_or_owner",
|
"update_router:external_gateway_info": "rule:admin_or_owner",
|
||||||
"update_router:external_gateway_info:network_id": "rule:admin_or_owner",
|
"update_router:external_gateway_info:network_id": "rule:admin_or_owner",
|
||||||
"update_router:external_gateway_info:enable_snat": "rule:admin_only",
|
"update_router:external_gateway_info:enable_snat": "rule:admin_only",
|
||||||
|
"update_router:external_gateway_info:external_fixed_ips": "rule:admin_only",
|
||||||
"update_router:distributed": "rule:admin_only",
|
"update_router:distributed": "rule:admin_only",
|
||||||
"update_router:ha": "rule:admin_only",
|
"update_router:ha": "rule:admin_only",
|
||||||
"delete_router": "rule:admin_or_owner",
|
"delete_router": "rule:admin_or_owner",
|
||||||
@ -117,24 +119,24 @@
|
|||||||
"add_router_interface": "rule:admin_or_owner",
|
"add_router_interface": "rule:admin_or_owner",
|
||||||
"remove_router_interface": "rule:admin_or_owner",
|
"remove_router_interface": "rule:admin_or_owner",
|
||||||
|
|
||||||
"create_router:external_gateway_info:external_fixed_ips": "rule:admin_only",
|
|
||||||
"update_router:external_gateway_info:external_fixed_ips": "rule:admin_only",
|
|
||||||
|
|
||||||
"create_qos_queue": "rule:admin_only",
|
"create_qos_queue": "rule:admin_only",
|
||||||
"get_qos_queue": "rule:admin_only",
|
"get_qos_queue": "rule:admin_only",
|
||||||
|
|
||||||
|
"get_agent": "rule:admin_only",
|
||||||
"update_agent": "rule:admin_only",
|
"update_agent": "rule:admin_only",
|
||||||
"delete_agent": "rule:admin_only",
|
"delete_agent": "rule:admin_only",
|
||||||
"get_agent": "rule:admin_only",
|
|
||||||
|
|
||||||
"create_dhcp-network": "rule:admin_only",
|
"create_dhcp-network": "rule:admin_only",
|
||||||
"delete_dhcp-network": "rule:admin_only",
|
|
||||||
"get_dhcp-networks": "rule:admin_only",
|
"get_dhcp-networks": "rule:admin_only",
|
||||||
|
"delete_dhcp-network": "rule:admin_only",
|
||||||
|
|
||||||
"create_l3-router": "rule:admin_only",
|
"create_l3-router": "rule:admin_only",
|
||||||
"delete_l3-router": "rule:admin_only",
|
|
||||||
"get_l3-routers": "rule:admin_only",
|
"get_l3-routers": "rule:admin_only",
|
||||||
|
"delete_l3-router": "rule:admin_only",
|
||||||
|
|
||||||
"get_dhcp-agents": "rule:admin_only",
|
"get_dhcp-agents": "rule:admin_only",
|
||||||
"get_l3-agents": "rule:admin_only",
|
"get_l3-agents": "rule:admin_only",
|
||||||
|
|
||||||
"get_loadbalancer-agent": "rule:admin_only",
|
"get_loadbalancer-agent": "rule:admin_only",
|
||||||
"get_loadbalancer-pools": "rule:admin_only",
|
"get_loadbalancer-pools": "rule:admin_only",
|
||||||
"get_agent-loadbalancers": "rule:admin_only",
|
"get_agent-loadbalancers": "rule:admin_only",
|
||||||
@ -142,94 +144,105 @@
|
|||||||
|
|
||||||
"create_floatingip": "rule:regular_user",
|
"create_floatingip": "rule:regular_user",
|
||||||
"create_floatingip:floating_ip_address": "rule:admin_only",
|
"create_floatingip:floating_ip_address": "rule:admin_only",
|
||||||
|
"get_floatingip": "rule:admin_or_owner",
|
||||||
"update_floatingip": "rule:admin_or_owner",
|
"update_floatingip": "rule:admin_or_owner",
|
||||||
"delete_floatingip": "rule:admin_or_owner",
|
"delete_floatingip": "rule:admin_or_owner",
|
||||||
"get_floatingip": "rule:admin_or_owner",
|
|
||||||
|
|
||||||
"create_network_profile": "rule:admin_only",
|
"create_network_profile": "rule:admin_only",
|
||||||
"update_network_profile": "rule:admin_only",
|
|
||||||
"delete_network_profile": "rule:admin_only",
|
|
||||||
"get_network_profiles": "",
|
"get_network_profiles": "",
|
||||||
"get_network_profile": "",
|
"get_network_profile": "",
|
||||||
"update_policy_profiles": "rule:admin_only",
|
"update_network_profile": "rule:admin_only",
|
||||||
|
"delete_network_profile": "rule:admin_only",
|
||||||
|
|
||||||
"get_policy_profiles": "",
|
"get_policy_profiles": "",
|
||||||
"get_policy_profile": "",
|
"get_policy_profile": "",
|
||||||
|
"update_policy_profiles": "rule:admin_only",
|
||||||
|
|
||||||
"create_metering_label": "rule:admin_only",
|
"create_metering_label": "rule:admin_only",
|
||||||
"delete_metering_label": "rule:admin_only",
|
|
||||||
"get_metering_label": "rule:admin_only",
|
"get_metering_label": "rule:admin_only",
|
||||||
|
"delete_metering_label": "rule:admin_only",
|
||||||
|
|
||||||
"create_metering_label_rule": "rule:admin_only",
|
"create_metering_label_rule": "rule:admin_only",
|
||||||
"delete_metering_label_rule": "rule:admin_only",
|
|
||||||
"get_metering_label_rule": "rule:admin_only",
|
"get_metering_label_rule": "rule:admin_only",
|
||||||
|
"delete_metering_label_rule": "rule:admin_only",
|
||||||
|
|
||||||
|
"create_lsn": "rule:admin_only",
|
||||||
|
"get_lsn": "rule:admin_only",
|
||||||
|
|
||||||
"get_service_provider": "rule:regular_user",
|
"get_service_provider": "rule:regular_user",
|
||||||
"get_lsn": "rule:admin_only",
|
|
||||||
"create_lsn": "rule:admin_only",
|
|
||||||
|
|
||||||
"create_flavor": "rule:admin_only",
|
"create_flavor": "rule:admin_only",
|
||||||
"update_flavor": "rule:admin_only",
|
|
||||||
"delete_flavor": "rule:admin_only",
|
|
||||||
"get_flavors": "rule:regular_user",
|
"get_flavors": "rule:regular_user",
|
||||||
"get_flavor": "rule:regular_user",
|
"get_flavor": "rule:regular_user",
|
||||||
|
"update_flavor": "rule:admin_only",
|
||||||
|
"delete_flavor": "rule:admin_only",
|
||||||
|
|
||||||
"create_service_profile": "rule:admin_only",
|
"create_service_profile": "rule:admin_only",
|
||||||
"update_service_profile": "rule:admin_only",
|
|
||||||
"delete_service_profile": "rule:admin_only",
|
|
||||||
"get_service_profiles": "rule:admin_only",
|
"get_service_profiles": "rule:admin_only",
|
||||||
"get_service_profile": "rule:admin_only",
|
"get_service_profile": "rule:admin_only",
|
||||||
|
"update_service_profile": "rule:admin_only",
|
||||||
|
"delete_service_profile": "rule:admin_only",
|
||||||
|
|
||||||
"get_policy": "rule:regular_user",
|
|
||||||
"create_policy": "rule:admin_only",
|
"create_policy": "rule:admin_only",
|
||||||
|
"get_policy": "rule:regular_user",
|
||||||
"update_policy": "rule:admin_only",
|
"update_policy": "rule:admin_only",
|
||||||
"delete_policy": "rule:admin_only",
|
"delete_policy": "rule:admin_only",
|
||||||
"get_policy_bandwidth_limit_rule": "rule:regular_user",
|
|
||||||
"create_policy_bandwidth_limit_rule": "rule:admin_only",
|
"create_policy_bandwidth_limit_rule": "rule:admin_only",
|
||||||
"delete_policy_bandwidth_limit_rule": "rule:admin_only",
|
"get_policy_bandwidth_limit_rule": "rule:regular_user",
|
||||||
"update_policy_bandwidth_limit_rule": "rule:admin_only",
|
"update_policy_bandwidth_limit_rule": "rule:admin_only",
|
||||||
"get_policy_dscp_marking_rule": "rule:regular_user",
|
"delete_policy_bandwidth_limit_rule": "rule:admin_only",
|
||||||
|
|
||||||
"create_policy_dscp_marking_rule": "rule:admin_only",
|
"create_policy_dscp_marking_rule": "rule:admin_only",
|
||||||
"delete_policy_dscp_marking_rule": "rule:admin_only",
|
"get_policy_dscp_marking_rule": "rule:regular_user",
|
||||||
"update_policy_dscp_marking_rule": "rule:admin_only",
|
"update_policy_dscp_marking_rule": "rule:admin_only",
|
||||||
|
"delete_policy_dscp_marking_rule": "rule:admin_only",
|
||||||
|
|
||||||
"get_rule_type": "rule:regular_user",
|
"get_rule_type": "rule:regular_user",
|
||||||
"get_policy_minimum_bandwidth_rule": "rule:regular_user",
|
|
||||||
"create_policy_minimum_bandwidth_rule": "rule:admin_only",
|
"create_policy_minimum_bandwidth_rule": "rule:admin_only",
|
||||||
"delete_policy_minimum_bandwidth_rule": "rule:admin_only",
|
"get_policy_minimum_bandwidth_rule": "rule:regular_user",
|
||||||
"update_policy_minimum_bandwidth_rule": "rule:admin_only",
|
"update_policy_minimum_bandwidth_rule": "rule:admin_only",
|
||||||
|
"delete_policy_minimum_bandwidth_rule": "rule:admin_only",
|
||||||
|
|
||||||
"restrict_wildcard": "(not field:rbac_policy:target_tenant=*) or rule:admin_only",
|
"restrict_wildcard": "(not field:rbac_policy:target_tenant=*) or rule:admin_only",
|
||||||
"create_rbac_policy": "",
|
"create_rbac_policy": "",
|
||||||
"create_rbac_policy:target_tenant": "rule:restrict_wildcard",
|
"create_rbac_policy:target_tenant": "rule:restrict_wildcard",
|
||||||
|
"get_rbac_policy": "rule:admin_or_owner",
|
||||||
"update_rbac_policy": "rule:admin_or_owner",
|
"update_rbac_policy": "rule:admin_or_owner",
|
||||||
"update_rbac_policy:target_tenant": "rule:restrict_wildcard and rule:admin_or_owner",
|
"update_rbac_policy:target_tenant": "rule:restrict_wildcard and rule:admin_or_owner",
|
||||||
"get_rbac_policy": "rule:admin_or_owner",
|
|
||||||
"delete_rbac_policy": "rule:admin_or_owner",
|
"delete_rbac_policy": "rule:admin_or_owner",
|
||||||
|
|
||||||
"create_flavor_service_profile": "rule:admin_only",
|
"create_flavor_service_profile": "rule:admin_only",
|
||||||
"delete_flavor_service_profile": "rule:admin_only",
|
|
||||||
"get_flavor_service_profile": "rule:regular_user",
|
"get_flavor_service_profile": "rule:regular_user",
|
||||||
|
"delete_flavor_service_profile": "rule:admin_only",
|
||||||
|
|
||||||
"get_auto_allocated_topology": "rule:admin_or_owner",
|
"get_auto_allocated_topology": "rule:admin_or_owner",
|
||||||
|
|
||||||
"create_trunk": "rule:regular_user",
|
"create_trunk": "rule:regular_user",
|
||||||
"get_trunk": "rule:admin_or_owner",
|
"get_trunk": "rule:admin_or_owner",
|
||||||
"delete_trunk": "rule:admin_or_owner",
|
"delete_trunk": "rule:admin_or_owner",
|
||||||
"get_subports": "",
|
|
||||||
"add_subports": "rule:admin_or_owner",
|
"add_subports": "rule:admin_or_owner",
|
||||||
|
"get_subports": "",
|
||||||
"remove_subports": "rule:admin_or_owner",
|
"remove_subports": "rule:admin_or_owner",
|
||||||
|
|
||||||
|
"create_security_group": "rule:admin_or_owner",
|
||||||
"get_security_groups": "rule:admin_or_owner",
|
"get_security_groups": "rule:admin_or_owner",
|
||||||
"get_security_group": "rule:admin_or_owner",
|
"get_security_group": "rule:admin_or_owner",
|
||||||
"create_security_group": "rule:admin_or_owner",
|
|
||||||
"update_security_group": "rule:admin_or_owner",
|
"update_security_group": "rule:admin_or_owner",
|
||||||
"delete_security_group": "rule:admin_or_owner",
|
"delete_security_group": "rule:admin_or_owner",
|
||||||
|
|
||||||
|
"create_security_group_rule": "rule:admin_or_owner",
|
||||||
"get_security_group_rules": "rule:admin_or_owner",
|
"get_security_group_rules": "rule:admin_or_owner",
|
||||||
"get_security_group_rule": "rule:admin_or_owner",
|
"get_security_group_rule": "rule:admin_or_owner",
|
||||||
"create_security_group_rule": "rule:admin_or_owner",
|
|
||||||
"delete_security_group_rule": "rule:admin_or_owner",
|
"delete_security_group_rule": "rule:admin_or_owner",
|
||||||
|
|
||||||
"get_loggable_resources": "rule:admin_only",
|
"get_loggable_resources": "rule:admin_only",
|
||||||
|
|
||||||
"create_log": "rule:admin_only",
|
"create_log": "rule:admin_only",
|
||||||
"update_log": "rule:admin_only",
|
"get_log": "rule:admin_only",
|
||||||
"delete_log": "rule:admin_only",
|
|
||||||
"get_logs": "rule:admin_only",
|
"get_logs": "rule:admin_only",
|
||||||
"get_log": "rule:admin_only"
|
"update_log": "rule:admin_only",
|
||||||
|
"delete_log": "rule:admin_only"
|
||||||
}
|
}
|
||||||
|
@ -39,6 +39,13 @@
|
|||||||
"delete_address_scope": "rule:admin_or_owner",
|
"delete_address_scope": "rule:admin_or_owner",
|
||||||
|
|
||||||
"create_network": "",
|
"create_network": "",
|
||||||
|
"create_network:shared": "rule:admin_only",
|
||||||
|
"create_network:router:external": "rule:admin_only",
|
||||||
|
"create_network:is_default": "rule:admin_only",
|
||||||
|
"create_network:segments": "rule:admin_only",
|
||||||
|
"create_network:provider:network_type": "rule:admin_only",
|
||||||
|
"create_network:provider:physical_network": "rule:admin_only",
|
||||||
|
"create_network:provider:segmentation_id": "rule:admin_only",
|
||||||
"get_network": "rule:admin_or_owner or rule:shared or rule:external or rule:context_is_advsvc",
|
"get_network": "rule:admin_or_owner or rule:shared or rule:external or rule:context_is_advsvc",
|
||||||
"get_network:router:external": "rule:regular_user",
|
"get_network:router:external": "rule:regular_user",
|
||||||
"get_network:segments": "rule:admin_only",
|
"get_network:segments": "rule:admin_only",
|
||||||
@ -48,13 +55,6 @@
|
|||||||
"get_network:queue_id": "rule:admin_only",
|
"get_network:queue_id": "rule:admin_only",
|
||||||
"get_network_ip_availabilities": "rule:admin_only",
|
"get_network_ip_availabilities": "rule:admin_only",
|
||||||
"get_network_ip_availability": "rule:admin_only",
|
"get_network_ip_availability": "rule:admin_only",
|
||||||
"create_network:shared": "rule:admin_only",
|
|
||||||
"create_network:router:external": "rule:admin_only",
|
|
||||||
"create_network:is_default": "rule:admin_only",
|
|
||||||
"create_network:segments": "rule:admin_only",
|
|
||||||
"create_network:provider:network_type": "rule:admin_only",
|
|
||||||
"create_network:provider:physical_network": "rule:admin_only",
|
|
||||||
"create_network:provider:segmentation_id": "rule:admin_only",
|
|
||||||
"update_network": "rule:admin_or_owner",
|
"update_network": "rule:admin_or_owner",
|
||||||
"update_network:segments": "rule:admin_only",
|
"update_network:segments": "rule:admin_only",
|
||||||
"update_network:shared": "rule:admin_only",
|
"update_network:shared": "rule:admin_only",
|
||||||
@ -99,17 +99,19 @@
|
|||||||
"update_port:data_plane_status": "rule:admin_or_data_plane_int",
|
"update_port:data_plane_status": "rule:admin_or_data_plane_int",
|
||||||
"delete_port": "rule:context_is_advsvc or rule:admin_owner_or_network_owner",
|
"delete_port": "rule:context_is_advsvc or rule:admin_owner_or_network_owner",
|
||||||
|
|
||||||
"get_router:ha": "rule:admin_only",
|
|
||||||
"create_router": "rule:regular_user",
|
"create_router": "rule:regular_user",
|
||||||
"create_router:external_gateway_info:enable_snat": "rule:admin_only",
|
"create_router:external_gateway_info:enable_snat": "rule:admin_only",
|
||||||
|
"create_router:external_gateway_info:external_fixed_ips": "rule:admin_only",
|
||||||
"create_router:distributed": "rule:admin_only",
|
"create_router:distributed": "rule:admin_only",
|
||||||
"create_router:ha": "rule:admin_only",
|
"create_router:ha": "rule:admin_only",
|
||||||
"get_router": "rule:admin_or_owner",
|
"get_router": "rule:admin_or_owner",
|
||||||
|
"get_router:ha": "rule:admin_only",
|
||||||
"get_router:distributed": "rule:admin_only",
|
"get_router:distributed": "rule:admin_only",
|
||||||
"update_router": "rule:admin_or_owner",
|
"update_router": "rule:admin_or_owner",
|
||||||
"update_router:external_gateway_info": "rule:admin_or_owner",
|
"update_router:external_gateway_info": "rule:admin_or_owner",
|
||||||
"update_router:external_gateway_info:network_id": "rule:admin_or_owner",
|
"update_router:external_gateway_info:network_id": "rule:admin_or_owner",
|
||||||
"update_router:external_gateway_info:enable_snat": "rule:admin_only",
|
"update_router:external_gateway_info:enable_snat": "rule:admin_only",
|
||||||
|
"update_router:external_gateway_info:external_fixed_ips": "rule:admin_only",
|
||||||
"update_router:distributed": "rule:admin_only",
|
"update_router:distributed": "rule:admin_only",
|
||||||
"update_router:ha": "rule:admin_only",
|
"update_router:ha": "rule:admin_only",
|
||||||
"delete_router": "rule:admin_or_owner",
|
"delete_router": "rule:admin_or_owner",
|
||||||
@ -117,24 +119,24 @@
|
|||||||
"add_router_interface": "rule:admin_or_owner",
|
"add_router_interface": "rule:admin_or_owner",
|
||||||
"remove_router_interface": "rule:admin_or_owner",
|
"remove_router_interface": "rule:admin_or_owner",
|
||||||
|
|
||||||
"create_router:external_gateway_info:external_fixed_ips": "rule:admin_only",
|
|
||||||
"update_router:external_gateway_info:external_fixed_ips": "rule:admin_only",
|
|
||||||
|
|
||||||
"create_qos_queue": "rule:admin_only",
|
"create_qos_queue": "rule:admin_only",
|
||||||
"get_qos_queue": "rule:admin_only",
|
"get_qos_queue": "rule:admin_only",
|
||||||
|
|
||||||
|
"get_agent": "rule:admin_only",
|
||||||
"update_agent": "rule:admin_only",
|
"update_agent": "rule:admin_only",
|
||||||
"delete_agent": "rule:admin_only",
|
"delete_agent": "rule:admin_only",
|
||||||
"get_agent": "rule:admin_only",
|
|
||||||
|
|
||||||
"create_dhcp-network": "rule:admin_only",
|
"create_dhcp-network": "rule:admin_only",
|
||||||
"delete_dhcp-network": "rule:admin_only",
|
|
||||||
"get_dhcp-networks": "rule:admin_only",
|
"get_dhcp-networks": "rule:admin_only",
|
||||||
|
"delete_dhcp-network": "rule:admin_only",
|
||||||
|
|
||||||
"create_l3-router": "rule:admin_only",
|
"create_l3-router": "rule:admin_only",
|
||||||
"delete_l3-router": "rule:admin_only",
|
|
||||||
"get_l3-routers": "rule:admin_only",
|
"get_l3-routers": "rule:admin_only",
|
||||||
|
"delete_l3-router": "rule:admin_only",
|
||||||
|
|
||||||
"get_dhcp-agents": "rule:admin_only",
|
"get_dhcp-agents": "rule:admin_only",
|
||||||
"get_l3-agents": "rule:admin_only",
|
"get_l3-agents": "rule:admin_only",
|
||||||
|
|
||||||
"get_loadbalancer-agent": "rule:admin_only",
|
"get_loadbalancer-agent": "rule:admin_only",
|
||||||
"get_loadbalancer-pools": "rule:admin_only",
|
"get_loadbalancer-pools": "rule:admin_only",
|
||||||
"get_agent-loadbalancers": "rule:admin_only",
|
"get_agent-loadbalancers": "rule:admin_only",
|
||||||
@ -142,94 +144,105 @@
|
|||||||
|
|
||||||
"create_floatingip": "rule:regular_user",
|
"create_floatingip": "rule:regular_user",
|
||||||
"create_floatingip:floating_ip_address": "rule:admin_only",
|
"create_floatingip:floating_ip_address": "rule:admin_only",
|
||||||
|
"get_floatingip": "rule:admin_or_owner",
|
||||||
"update_floatingip": "rule:admin_or_owner",
|
"update_floatingip": "rule:admin_or_owner",
|
||||||
"delete_floatingip": "rule:admin_or_owner",
|
"delete_floatingip": "rule:admin_or_owner",
|
||||||
"get_floatingip": "rule:admin_or_owner",
|
|
||||||
|
|
||||||
"create_network_profile": "rule:admin_only",
|
"create_network_profile": "rule:admin_only",
|
||||||
"update_network_profile": "rule:admin_only",
|
|
||||||
"delete_network_profile": "rule:admin_only",
|
|
||||||
"get_network_profiles": "",
|
"get_network_profiles": "",
|
||||||
"get_network_profile": "",
|
"get_network_profile": "",
|
||||||
"update_policy_profiles": "rule:admin_only",
|
"update_network_profile": "rule:admin_only",
|
||||||
|
"delete_network_profile": "rule:admin_only",
|
||||||
|
|
||||||
"get_policy_profiles": "",
|
"get_policy_profiles": "",
|
||||||
"get_policy_profile": "",
|
"get_policy_profile": "",
|
||||||
|
"update_policy_profiles": "rule:admin_only",
|
||||||
|
|
||||||
"create_metering_label": "rule:admin_only",
|
"create_metering_label": "rule:admin_only",
|
||||||
"delete_metering_label": "rule:admin_only",
|
|
||||||
"get_metering_label": "rule:admin_only",
|
"get_metering_label": "rule:admin_only",
|
||||||
|
"delete_metering_label": "rule:admin_only",
|
||||||
|
|
||||||
"create_metering_label_rule": "rule:admin_only",
|
"create_metering_label_rule": "rule:admin_only",
|
||||||
"delete_metering_label_rule": "rule:admin_only",
|
|
||||||
"get_metering_label_rule": "rule:admin_only",
|
"get_metering_label_rule": "rule:admin_only",
|
||||||
|
"delete_metering_label_rule": "rule:admin_only",
|
||||||
|
|
||||||
|
"create_lsn": "rule:admin_only",
|
||||||
|
"get_lsn": "rule:admin_only",
|
||||||
|
|
||||||
"get_service_provider": "rule:regular_user",
|
"get_service_provider": "rule:regular_user",
|
||||||
"get_lsn": "rule:admin_only",
|
|
||||||
"create_lsn": "rule:admin_only",
|
|
||||||
|
|
||||||
"create_flavor": "rule:admin_only",
|
"create_flavor": "rule:admin_only",
|
||||||
"update_flavor": "rule:admin_only",
|
|
||||||
"delete_flavor": "rule:admin_only",
|
|
||||||
"get_flavors": "rule:regular_user",
|
"get_flavors": "rule:regular_user",
|
||||||
"get_flavor": "rule:regular_user",
|
"get_flavor": "rule:regular_user",
|
||||||
|
"update_flavor": "rule:admin_only",
|
||||||
|
"delete_flavor": "rule:admin_only",
|
||||||
|
|
||||||
"create_service_profile": "rule:admin_only",
|
"create_service_profile": "rule:admin_only",
|
||||||
"update_service_profile": "rule:admin_only",
|
|
||||||
"delete_service_profile": "rule:admin_only",
|
|
||||||
"get_service_profiles": "rule:admin_only",
|
"get_service_profiles": "rule:admin_only",
|
||||||
"get_service_profile": "rule:admin_only",
|
"get_service_profile": "rule:admin_only",
|
||||||
|
"update_service_profile": "rule:admin_only",
|
||||||
|
"delete_service_profile": "rule:admin_only",
|
||||||
|
|
||||||
"get_policy": "rule:regular_user",
|
|
||||||
"create_policy": "rule:admin_only",
|
"create_policy": "rule:admin_only",
|
||||||
|
"get_policy": "rule:regular_user",
|
||||||
"update_policy": "rule:admin_only",
|
"update_policy": "rule:admin_only",
|
||||||
"delete_policy": "rule:admin_only",
|
"delete_policy": "rule:admin_only",
|
||||||
"get_policy_bandwidth_limit_rule": "rule:regular_user",
|
|
||||||
"create_policy_bandwidth_limit_rule": "rule:admin_only",
|
"create_policy_bandwidth_limit_rule": "rule:admin_only",
|
||||||
"delete_policy_bandwidth_limit_rule": "rule:admin_only",
|
"get_policy_bandwidth_limit_rule": "rule:regular_user",
|
||||||
"update_policy_bandwidth_limit_rule": "rule:admin_only",
|
"update_policy_bandwidth_limit_rule": "rule:admin_only",
|
||||||
"get_policy_dscp_marking_rule": "rule:regular_user",
|
"delete_policy_bandwidth_limit_rule": "rule:admin_only",
|
||||||
|
|
||||||
"create_policy_dscp_marking_rule": "rule:admin_only",
|
"create_policy_dscp_marking_rule": "rule:admin_only",
|
||||||
"delete_policy_dscp_marking_rule": "rule:admin_only",
|
"get_policy_dscp_marking_rule": "rule:regular_user",
|
||||||
"update_policy_dscp_marking_rule": "rule:admin_only",
|
"update_policy_dscp_marking_rule": "rule:admin_only",
|
||||||
|
"delete_policy_dscp_marking_rule": "rule:admin_only",
|
||||||
|
|
||||||
"get_rule_type": "rule:regular_user",
|
"get_rule_type": "rule:regular_user",
|
||||||
"get_policy_minimum_bandwidth_rule": "rule:regular_user",
|
|
||||||
"create_policy_minimum_bandwidth_rule": "rule:admin_only",
|
"create_policy_minimum_bandwidth_rule": "rule:admin_only",
|
||||||
"delete_policy_minimum_bandwidth_rule": "rule:admin_only",
|
"get_policy_minimum_bandwidth_rule": "rule:regular_user",
|
||||||
"update_policy_minimum_bandwidth_rule": "rule:admin_only",
|
"update_policy_minimum_bandwidth_rule": "rule:admin_only",
|
||||||
|
"delete_policy_minimum_bandwidth_rule": "rule:admin_only",
|
||||||
|
|
||||||
"restrict_wildcard": "(not field:rbac_policy:target_tenant=*) or rule:admin_only",
|
"restrict_wildcard": "(not field:rbac_policy:target_tenant=*) or rule:admin_only",
|
||||||
"create_rbac_policy": "",
|
"create_rbac_policy": "",
|
||||||
"create_rbac_policy:target_tenant": "rule:restrict_wildcard",
|
"create_rbac_policy:target_tenant": "rule:restrict_wildcard",
|
||||||
|
"get_rbac_policy": "rule:admin_or_owner",
|
||||||
"update_rbac_policy": "rule:admin_or_owner",
|
"update_rbac_policy": "rule:admin_or_owner",
|
||||||
"update_rbac_policy:target_tenant": "rule:restrict_wildcard and rule:admin_or_owner",
|
"update_rbac_policy:target_tenant": "rule:restrict_wildcard and rule:admin_or_owner",
|
||||||
"get_rbac_policy": "rule:admin_or_owner",
|
|
||||||
"delete_rbac_policy": "rule:admin_or_owner",
|
"delete_rbac_policy": "rule:admin_or_owner",
|
||||||
|
|
||||||
"create_flavor_service_profile": "rule:admin_only",
|
"create_flavor_service_profile": "rule:admin_only",
|
||||||
"delete_flavor_service_profile": "rule:admin_only",
|
|
||||||
"get_flavor_service_profile": "rule:regular_user",
|
"get_flavor_service_profile": "rule:regular_user",
|
||||||
|
"delete_flavor_service_profile": "rule:admin_only",
|
||||||
|
|
||||||
"get_auto_allocated_topology": "rule:admin_or_owner",
|
"get_auto_allocated_topology": "rule:admin_or_owner",
|
||||||
|
|
||||||
"create_trunk": "rule:regular_user",
|
"create_trunk": "rule:regular_user",
|
||||||
"get_trunk": "rule:admin_or_owner",
|
"get_trunk": "rule:admin_or_owner",
|
||||||
"delete_trunk": "rule:admin_or_owner",
|
"delete_trunk": "rule:admin_or_owner",
|
||||||
"get_subports": "",
|
|
||||||
"add_subports": "rule:admin_or_owner",
|
"add_subports": "rule:admin_or_owner",
|
||||||
|
"get_subports": "",
|
||||||
"remove_subports": "rule:admin_or_owner",
|
"remove_subports": "rule:admin_or_owner",
|
||||||
|
|
||||||
|
"create_security_group": "rule:admin_or_owner",
|
||||||
"get_security_groups": "rule:admin_or_owner",
|
"get_security_groups": "rule:admin_or_owner",
|
||||||
"get_security_group": "rule:admin_or_owner",
|
"get_security_group": "rule:admin_or_owner",
|
||||||
"create_security_group": "rule:admin_or_owner",
|
|
||||||
"update_security_group": "rule:admin_or_owner",
|
"update_security_group": "rule:admin_or_owner",
|
||||||
"delete_security_group": "rule:admin_or_owner",
|
"delete_security_group": "rule:admin_or_owner",
|
||||||
|
|
||||||
|
"create_security_group_rule": "rule:admin_or_owner",
|
||||||
"get_security_group_rules": "rule:admin_or_owner",
|
"get_security_group_rules": "rule:admin_or_owner",
|
||||||
"get_security_group_rule": "rule:admin_or_owner",
|
"get_security_group_rule": "rule:admin_or_owner",
|
||||||
"create_security_group_rule": "rule:admin_or_owner",
|
|
||||||
"delete_security_group_rule": "rule:admin_or_owner",
|
"delete_security_group_rule": "rule:admin_or_owner",
|
||||||
|
|
||||||
"get_loggable_resources": "rule:admin_only",
|
"get_loggable_resources": "rule:admin_only",
|
||||||
|
|
||||||
"create_log": "rule:admin_only",
|
"create_log": "rule:admin_only",
|
||||||
"update_log": "rule:admin_only",
|
"get_log": "rule:admin_only",
|
||||||
"delete_log": "rule:admin_only",
|
|
||||||
"get_logs": "rule:admin_only",
|
"get_logs": "rule:admin_only",
|
||||||
"get_log": "rule:admin_only"
|
"update_log": "rule:admin_only",
|
||||||
|
"delete_log": "rule:admin_only"
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user