openstack/openstack-manuals
Code Issues Proposed changes

[admin-guide-cloud] fix syntax of rules in RBAC chapter

Browse Source 
Change-Id: Id4553558094f86bb5aaa4838ff8140dab453b4a6
Closes-Bug: #1503806
This commit is contained in:
Linette
2015-10-07 13:36:02 -05:00
committed by Andreas Jaeger
parent 3f6dce270b
commit 951810641f
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
doc/admin-guide-cloud/source/identity_service_api_protection.rst
View File

@@ -27,7 +27,7 @@ entities of the API call in question. For example:
.. code:: ini .. code:: ini
"identity:create_user": [["role:admin", "domain_id:%(user.domain_id)s"]] "identity:create_user": "role:admin and domain_id:%(user.domain_id)s"
Indicates that to create a user, you must have the admin role in your Indicates that to create a user, you must have the admin role in your
token. The :code:`domain_id` in your token must match the token. The :code:`domain_id` in your token must match the
@@ -66,7 +66,7 @@ also available using a target.object.attribute syntax. For instance:
.. code:: ini .. code:: ini
"identity:delete_user": [["role:admin", "domain_id:%(target.user.domain_id)s"]] "identity:delete_user": "role:admin and domain_id:%(target.user.domain_id)s"
would ensure that Identity only deletes the user object in the same would ensure that Identity only deletes the user object in the same
domain as the provided token. domain as the provided token.