35988f1393
Bug 1158434 This patch adds a new policy named 'context_is_admin' which defines an admin user as a collection of roles or else. The quantum context has been updated to check for this policy when setting the is_admin flag. This patch also adds a method for gathering 'admin' roles from policy rules as current logic requires the context to be always populate with the correct roles for admin rules, even when the context is implicitly generated with get_admin_context or context.elevated. Backward compatibility is ensuring by preserving the old behavior if the 'context_is_admin' policy is not found in policy.json Change-Id: I9acea75cca0c47e083a9149e358328ea3ca12d68 |
||
---|---|---|
.. | ||
agent | ||
api | ||
common | ||
db | ||
debug | ||
extensions | ||
locale | ||
openstack | ||
plugins | ||
rootwrap | ||
scheduler | ||
server | ||
tests | ||
__init__.py | ||
auth.py | ||
context.py | ||
manager.py | ||
policy.py | ||
quantum_plugin_base_v2.py | ||
quota.py | ||
service.py | ||
version.py | ||
wsgi.py |