Merge "Implement new policy rules NET_OWNER and PARENT_OWNER"

This commit is contained in:
Zuul 2021-03-08 10:12:55 +00:00 committed by Gerrit Code Review
commit b7c4a11158
1 changed files with 8 additions and 0 deletions

View File

@ -111,6 +111,10 @@ rules = [
RULE_ADMIN_OR_NET_OWNER),
description=('Rule for resource owner, '
'admin or network owner access')),
policy.RuleDefault(
'network_owner',
'tenant_id:%(network:tenant_id)s',
description='Rule for network owner access'),
policy.RuleDefault(
'admin_only',
'rule:context_is_admin',
@ -133,6 +137,10 @@ rules = [
policy_or('rule:context_is_admin',
'tenant_id:%(ext_parent:tenant_id)s'),
description='Rule for common parent owner check'),
policy.RuleDefault(
'ext_parent_owner',
'tenant_id:%(ext_parent:tenant_id)s',
description='Rule for common parent owner check'),
]