Browse Source

Fix Floating IP policy rules

During migration to the new secure API rules of the Floating IP API we
made some mistakes. This patch fixes it by:

* allow SYSTEM_ADMIN to create floating IPs,
* fix wrong name of the deprecated rule for update and delete floating
  IP

Related-blueprint: bp/secure-rbac-roles
Change-Id: Idba1cf4949f089deb9cc54a6648ec795c59a7377
changes/06/784206/1
Slawek Kaplonski 1 month ago
parent
commit
dd6cd3fb8a
1 changed files with 3 additions and 3 deletions
  1. +3
    -3
      neutron/conf/policies/floatingip.py

+ 3
- 3
neutron/conf/policies/floatingip.py View File

@ -25,7 +25,7 @@ DEPRECATION_REASON = (
rules = [
policy.DocumentedRuleDefault(
name='create_floatingip',
check_str=base.PROJECT_MEMBER,
check_str=base.SYSTEM_ADMIN_OR_PROJECT_MEMBER,
description='Create a floating IP',
operations=[
{
@ -90,7 +90,7 @@ rules = [
],
scope_types=['system', 'project'],
deprecated_rule=policy.DeprecatedRule(
name='create_floatingip',
name='update_floatingip',
check_str=base.RULE_ADMIN_OR_OWNER,
deprecated_reason=DEPRECATION_REASON,
deprecated_since=versionutils.deprecated.WALLABY)
@ -107,7 +107,7 @@ rules = [
],
scope_types=['system', 'project'],
deprecated_rule=policy.DeprecatedRule(
name='create_floatingip',
name='delete_floatingip',
check_str=base.RULE_ADMIN_OR_OWNER,
deprecated_reason=DEPRECATION_REASON,
deprecated_since=versionutils.deprecated.WALLABY)


Loading…
Cancel
Save