Add new default roles in os-admin-password policies

This adds new defaults roles in os-admin-password API policies. This policy is default to owner or system admin role. Partial implement blueprint policy-defaults-refresh Change-Id: Ieb026dadca2021dcc0451bf2167b15f5380e74ef
2020-01-08 23:48:32 +00:00 · 2020-01-08 23:48:32 +00:00 · 9bcdd05f0d
parent f794f9d6d0
commit 9bcdd05f0d
1 changed files with 1 additions and 1 deletions
--- a/nova/policies/admin_password.py
+++ b/nova/policies/admin_password.py
@ -24,7 +24,7 @@ BASE_POLICY_NAME = 'os_compute_api:os-admin-password'
 admin_password_policies = [
    policy.DocumentedRuleDefault(
        name=BASE_POLICY_NAME,
-        check_str=base.RULE_ADMIN_OR_OWNER,
+        check_str=base.PROJECT_MEMBER_OR_SYSTEM_ADMIN,
        description="Change the administrative password for a server",
        operations=[
            {