yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1152662] Re: sample policy.json should use new format

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Thierry Carrez <thierry.carrez+lp@xxxxxxxxx>
Date: Wed, 04 Dec 2013 09:30:38 -0000
Reply-to: Bug 1152662 <1152662@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Changed in: keystone
       Status: Fix Committed => Fix Released

** Changed in: keystone
    Milestone: None => icehouse-1

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1152662

Title:
  sample policy.json should use new format

Status in OpenStack Identity (Keystone):
  Fix Released

Bug description:
  Keystone's sample policy.json (keystone/etc/policy.json) should switch
  to using the new format because it's easier to read and understand.
  The new format is used by nova, for example, see
  https://github.com/openstack/nova/blob/master/etc/nova/policy.json:

  {
      "context_is_admin": "role:admin",
      "admin_or_owner": "is_admin:True or project_id:%(project_id)s",
      "default": "rule:admin_or_owner",

  ...

  vs keystone's:

  {
      "admin_required": [["role:admin"], ["is_admin:1"]],
      "owner" : [["user_id:%(user_id)s"]],
      "admin_or_owner": [["rule:admin_required"], ["rule:owner"]],

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1152662/+subscriptions