openstack/neutron
Code Issues Proposed changes

Merge "Implement new policy rules NET_OWNER and PARENT_OWNER"

Browse Source
This commit is contained in:
Zuul
2021-03-08 10:12:55 +00:00
committed by Gerrit Code Review
parent 2328cd7c84 067241b11b
commit b7c4a11158
1 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
neutron/conf/policies/base.py
View File

@@ -111,6 +111,10 @@ rules = [
RULE_ADMIN_OR_NET_OWNER),
description=('Rule for resource owner, '
'admin or network owner access')),
policy.RuleDefault(
'network_owner',
'tenant_id:%(network:tenant_id)s',
description='Rule for network owner access'),
policy.RuleDefault(
'admin_only',
'rule:context_is_admin',
@@ -133,6 +137,10 @@ rules = [
policy_or('rule:context_is_admin',
'tenant_id:%(ext_parent:tenant_id)s'),
description='Rule for common parent owner check'),
policy.RuleDefault(
'ext_parent_owner',
'tenant_id:%(ext_parent:tenant_id)s',
description='Rule for common parent owner check'),
]