35d945e92f
Add common parent owner check for the resources which introduced by service plugin. Then port forwarding resource will share the same tenant_id with floatingip. That means only the fip owner can create/update/get/delete the associated port forwarding resource. Partially-Implements: blueprint port-forwarding Partial-Bug: #1491317 Change-Id: I450c674e55ca15e1d9a6a6224138f3305427da68
10 lines
438 B
YAML
10 lines
438 B
YAML
---
|
|
features:
|
|
- |
|
|
Introduces extension parent resources owner check in
|
|
``neutron.policy.OwnerCheck``. It can be used by registering an extension
|
|
parent resource and service plugin which introduced the corresponding
|
|
parent resource into ``EXT_PARENT_RESOURCE_MAPPING`` located in
|
|
``neutron.common.constants``. And introduces a new policy role
|
|
``admin_or_ext_parent_owner`` into ``policy.json`` for this function.
|