Change API policy for service_type to be available for all readers
Service type resource don't have "project_id" so using "PROJECT_*" rules wasn't working fine. And this resource should be available for all users so this patch switches its check_str to be "role:reader" which works for all types of SYSTEM and PROJECT scope users. Related-blueprint: bp/secure-rbac-roles Change-Id: If28e70252c1f9ec76502699fad2d5a2aece8f4fb
This commit is contained in:
parent
5d33a6b9dd
commit
962d2539a1
|
@ -22,7 +22,7 @@ DEPRECATION_REASON = (
|
||||||
rules = [
|
rules = [
|
||||||
policy.DocumentedRuleDefault(
|
policy.DocumentedRuleDefault(
|
||||||
name='get_service_provider',
|
name='get_service_provider',
|
||||||
check_str=base.SYSTEM_OR_PROJECT_READER,
|
check_str='role:reader',
|
||||||
description='Get service providers',
|
description='Get service providers',
|
||||||
operations=[
|
operations=[
|
||||||
{
|
{
|
||||||
|
|
Loading…
Reference in New Issue