diff options
author | Zuul <zuul@review.opendev.org> | 2023-05-16 12:02:28 +0000 |
---|---|---|
committer | Gerrit Code Review <review@openstack.org> | 2023-05-16 12:02:28 +0000 |
commit | ae4084c1735f63de7fc685ee51502f5d0d9db67c (patch) | |
tree | 1404a3b6463941fb5893c2a3101f720e109e476d /neutron/conf | |
parent | a06b44e12da4ab8fb037b34593f33c4df7dbafa1 (diff) | |
parent | 01de74dedfdc306b0331aae4f970f0c5bca5cb48 (diff) | |
download | neutron-ae4084c1735f63de7fc685ee51502f5d0d9db67c.tar.gz |
Merge "[S-RBAC] Get QoS rule types API available for READER role"
Diffstat (limited to 'neutron/conf')
-rw-r--r-- | neutron/conf/policies/qos.py | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/neutron/conf/policies/qos.py b/neutron/conf/policies/qos.py index 2fc9d0975c..c507a7bdb9 100644 --- a/neutron/conf/policies/qos.py +++ b/neutron/conf/policies/qos.py @@ -104,7 +104,11 @@ rules = [ policy.DocumentedRuleDefault( name='get_rule_type', - check_str=base.ADMIN, + # NOTE(ralonsoh): it can't be ADMIN_OR_PROJECT_READER constant from the + # base module because that is using "project_id" in the check string + # and the rule type resource don't belongs to any project thus such + # check string would fail enforcement. + check_str='role:reader', scope_types=['project'], description='Get available QoS rule types', operations=[ |