openstack/nova
Code Issues Proposed changes

Merge "Modify "policy.conf" to "policy.json""

Browse Source
This commit is contained in:
Jenkins
2016-06-23 19:17:42 +00:00
committed by Gerrit Code Review
parent faaf00754e f967d5c570
commit 2983c4ecb0
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
doc/source/policy_enforcement.rst
View File

@@ -34,7 +34,7 @@ There are several problems for current API policy.
the APIs. the APIs.
* More easy way to override default policy settings for deployer. And * More easy way to override default policy settings for deployer. And
Currently all the API(EC2, V2, V2.1) rules mix in one policy.conf file. Currently all the API(EC2, V2, V2.1) rules mix in one policy.json file.
These are the kinds of things we need to make easier: These are the kinds of things we need to make easier:
@@ -47,7 +47,7 @@ redundant check in the compute API can confuse developers and deployers.
3. Operator can specify different rules for APIs that in same extension. 3. Operator can specify different rules for APIs that in same extension.
4. Operator can override the default policy rule easily without mixing his own 4. Operator can override the default policy rule easily without mixing his own
config and default config in one policy.conf file. config and default config in one policy.json file.
Future of policy enforcement Future of policy enforcement
---------------------------- ----------------------------
@@ -134,7 +134,7 @@ After group the policy rules for different API, we can separate them into
different files. Then deployer will more clear for which rule he can set for different files. Then deployer will more clear for which rule he can set for
specific API. The rules can be grouped as below: specific API. The rules can be grouped as below:
* policy.conf: It only contains the generic rule, like: * policy.json: It only contains the generic rule, like:
:: ::
"context_is_admin": "role:admin", "context_is_admin": "role:admin",