summaryrefslogtreecommitdiff
path: root/etc
diff options
context:
space:
mode:
authorDai Dang Van <daidv@vn.fujitsu.com>2017-10-04 10:05:31 +0700
committerDai Dang Van <daidv@vn.fujitsu.com>2017-12-07 16:38:03 +0700
commitdd6b22d47ab8529afb7126bfde491b625058f319 (patch)
tree92f8862affa14ee571a67996695155c355e2125f /etc
parentccb6752f6973a7d1c8bb08675fde421710942998 (diff)
downloadtrove-dd6b22d47ab8529afb7126bfde491b625058f319.tar.gz
Remove policy.json file
We already had default rule in code, so we should not still define all of them again in policy file. Besides, we should you yaml format for now instead json. Another thing, we don't need to config policy file in Devstack enviroment. Change-Id: I783ba51695271d358764557899fe91e84620556d
Diffstat (limited to 'etc')
-rw-r--r--etc/trove/policy.json97
-rw-r--r--etc/trove/policy.yaml.sample243
2 files changed, 243 insertions, 97 deletions
diff --git a/etc/trove/policy.json b/etc/trove/policy.json
deleted file mode 100644
index 902f4303..00000000
--- a/etc/trove/policy.json
+++ /dev/null
@@ -1,97 +0,0 @@
-{
- "admin": "role:admin or is_admin:True",
- "admin_or_owner": "rule:admin or tenant:%(tenant)s",
- "default": "rule:admin_or_owner",
-
- "instance:create": "rule:admin_or_owner",
- "instance:delete": "rule:admin_or_owner",
- "instance:force_delete": "rule:admin_or_owner",
- "instance:index": "rule:admin_or_owner",
- "instance:show": "rule:admin_or_owner",
- "instance:update": "rule:admin_or_owner",
- "instance:edit": "rule:admin_or_owner",
- "instance:restart": "rule:admin_or_owner",
- "instance:resize_volume": "rule:admin_or_owner",
- "instance:resize_flavor": "rule:admin_or_owner",
- "instance:reset_status": "rule:admin",
- "instance:promote_to_replica_source": "rule:admin_or_owner",
- "instance:eject_replica_source": "rule:admin_or_owner",
- "instance:configuration": "rule:admin_or_owner",
- "instance:guest_log_list": "rule:admin_or_owner",
- "instance:backups": "rule:admin_or_owner",
- "instance:module_list": "rule:admin_or_owner",
- "instance:module_apply": "rule:admin_or_owner",
- "instance:module_remove": "rule:admin_or_owner",
-
- "instance:extension:root:create": "rule:admin_or_owner",
- "instance:extension:root:delete": "rule:admin_or_owner",
- "instance:extension:root:index": "rule:admin_or_owner",
-
- "instance:extension:user:create": "rule:admin_or_owner",
- "instance:extension:user:delete": "rule:admin_or_owner",
- "instance:extension:user:index": "rule:admin_or_owner",
- "instance:extension:user:show": "rule:admin_or_owner",
- "instance:extension:user:update": "rule:admin_or_owner",
- "instance:extension:user:update_all": "rule:admin_or_owner",
-
- "instance:extension:user_access:update": "rule:admin_or_owner",
- "instance:extension:user_access:delete": "rule:admin_or_owner",
- "instance:extension:user_access:index": "rule:admin_or_owner",
-
- "instance:extension:database:create": "rule:admin_or_owner",
- "instance:extension:database:delete": "rule:admin_or_owner",
- "instance:extension:database:index": "rule:admin_or_owner",
- "instance:extension:database:show": "rule:admin_or_owner",
-
- "cluster:create": "rule:admin_or_owner",
- "cluster:delete": "rule:admin_or_owner",
- "cluster:force_delete": "rule:admin_or_owner",
- "cluster:index": "rule:admin_or_owner",
- "cluster:show": "rule:admin_or_owner",
- "cluster:show_instance": "rule:admin_or_owner",
- "cluster:action": "rule:admin_or_owner",
- "cluster:reset-status": "rule:admin",
-
- "cluster:extension:root:create": "rule:admin_or_owner",
- "cluster:extension:root:delete": "rule:admin_or_owner",
- "cluster:extension:root:index": "rule:admin_or_owner",
-
- "backup:create": "rule:admin_or_owner",
- "backup:delete": "rule:admin_or_owner",
- "backup:index": "rule:admin_or_owner",
- "backup:show": "rule:admin_or_owner",
-
- "configuration:create": "rule:admin_or_owner",
- "configuration:delete": "rule:admin_or_owner",
- "configuration:index": "rule:admin_or_owner",
- "configuration:show": "rule:admin_or_owner",
- "configuration:instances": "rule:admin_or_owner",
- "configuration:update": "rule:admin_or_owner",
- "configuration:edit": "rule:admin_or_owner",
-
- "configuration-parameter:index": "rule:admin_or_owner",
- "configuration-parameter:show": "rule:admin_or_owner",
- "configuration-parameter:index_by_version": "rule:admin_or_owner",
- "configuration-parameter:show_by_version": "rule:admin_or_owner",
-
- "datastore:index": "",
- "datastore:show": "",
- "datastore:version_show": "",
- "datastore:version_show_by_uuid": "",
- "datastore:version_index": "",
- "datastore:list_associated_flavors": "",
- "datastore:list_associated_volume_types": "",
-
- "flavor:index": "",
- "flavor:show": "",
-
- "limits:index": "rule:admin_or_owner",
-
- "module:create": "rule:admin_or_owner",
- "module:delete": "rule:admin_or_owner",
- "module:index": "rule:admin_or_owner",
- "module:show": "rule:admin_or_owner",
- "module:instances": "rule:admin_or_owner",
- "module:update": "rule:admin_or_owner",
- "module:reapply": "rule:admin_or_owner"
-}
diff --git a/etc/trove/policy.yaml.sample b/etc/trove/policy.yaml.sample
new file mode 100644
index 00000000..823144dc
--- /dev/null
+++ b/etc/trove/policy.yaml.sample
@@ -0,0 +1,243 @@
+# Must be an administrator.
+#"admin": "role:admin or is_admin:True"
+
+# Must be an administrator or owner of the object.
+#"admin_or_owner": "rule:admin or tenant:%(tenant)s"
+
+# Must be an administrator or owner of the object.
+#"default": "rule:admin_or_owner"
+
+#
+#"instance:create": "rule:admin_or_owner"
+
+#
+#"instance:delete": "rule:admin_or_owner"
+
+#
+#"instance:force_delete": "rule:admin_or_owner"
+
+#
+#"instance:index": "rule:admin_or_owner"
+
+#
+#"instance:show": "rule:admin_or_owner"
+
+#
+#"instance:update": "rule:admin_or_owner"
+
+#
+#"instance:edit": "rule:admin_or_owner"
+
+#
+#"instance:restart": "rule:admin_or_owner"
+
+#
+#"instance:resize_volume": "rule:admin_or_owner"
+
+#
+#"instance:resize_flavor": "rule:admin_or_owner"
+
+#
+#"instance:reset_status": "rule:admin"
+
+#
+#"instance:promote_to_replica_source": "rule:admin_or_owner"
+
+#
+#"instance:eject_replica_source": "rule:admin_or_owner"
+
+#
+#"instance:configuration": "rule:admin_or_owner"
+
+#
+#"instance:guest_log_list": "rule:admin_or_owner"
+
+#
+#"instance:backups": "rule:admin_or_owner"
+
+#
+#"instance:module_list": "rule:admin_or_owner"
+
+#
+#"instance:module_apply": "rule:admin_or_owner"
+
+#
+#"instance:module_remove": "rule:admin_or_owner"
+
+#
+#"instance:extension:root:create": "rule:admin_or_owner"
+
+#
+#"instance:extension:root:delete": "rule:admin_or_owner"
+
+#
+#"instance:extension:root:index": "rule:admin_or_owner"
+
+#
+#"instance:extension:user:create": "rule:admin_or_owner"
+
+#
+#"instance:extension:user:delete": "rule:admin_or_owner"
+
+#
+#"instance:extension:user:index": "rule:admin_or_owner"
+
+#
+#"instance:extension:user:show": "rule:admin_or_owner"
+
+#
+#"instance:extension:user:update": "rule:admin_or_owner"
+
+#
+#"instance:extension:user:update_all": "rule:admin_or_owner"
+
+#
+#"instance:extension:user_access:update": "rule:admin_or_owner"
+
+#
+#"instance:extension:user_access:delete": "rule:admin_or_owner"
+
+#
+#"instance:extension:user_access:index": "rule:admin_or_owner"
+
+#
+#"instance:extension:database:create": "rule:admin_or_owner"
+
+#
+#"instance:extension:database:delete": "rule:admin_or_owner"
+
+#
+#"instance:extension:database:index": "rule:admin_or_owner"
+
+#
+#"instance:extension:database:show": "rule:admin_or_owner"
+
+#
+#"cluster:create": "rule:admin_or_owner"
+
+#
+#"cluster:delete": "rule:admin_or_owner"
+
+#
+#"cluster:force_delete": "rule:admin_or_owner"
+
+#
+#"cluster:index": "rule:admin_or_owner"
+
+#
+#"cluster:show": "rule:admin_or_owner"
+
+#
+#"cluster:show_instance": "rule:admin_or_owner"
+
+#
+#"cluster:action": "rule:admin_or_owner"
+
+#
+#"cluster:reset-status": "rule:admin"
+
+#
+#"cluster:extension:root:create": "rule:admin_or_owner"
+
+#
+#"cluster:extension:root:delete": "rule:admin_or_owner"
+
+#
+#"cluster:extension:root:index": "rule:admin_or_owner"
+
+#
+#"backup:create": "rule:admin_or_owner"
+
+#
+#"backup:delete": "rule:admin_or_owner"
+
+#
+#"backup:index": "rule:admin_or_owner"
+
+#
+#"backup:show": "rule:admin_or_owner"
+
+#
+#"configuration:create": "rule:admin_or_owner"
+
+#
+#"configuration:delete": "rule:admin_or_owner"
+
+#
+#"configuration:index": "rule:admin_or_owner"
+
+#
+#"configuration:show": "rule:admin_or_owner"
+
+#
+#"configuration:instances": "rule:admin_or_owner"
+
+#
+#"configuration:update": "rule:admin_or_owner"
+
+#
+#"configuration:edit": "rule:admin_or_owner"
+
+#
+#"configuration-parameter:index": "rule:admin_or_owner"
+
+#
+#"configuration-parameter:show": "rule:admin_or_owner"
+
+#
+#"configuration-parameter:index_by_version": "rule:admin_or_owner"
+
+#
+#"configuration-parameter:show_by_version": "rule:admin_or_owner"
+
+#
+#"datastore:index": ""
+
+#
+#"datastore:show": ""
+
+#
+#"datastore:version_show": ""
+
+#
+#"datastore:version_show_by_uuid": ""
+
+#
+#"datastore:version_index": ""
+
+#
+#"datastore:list_associated_flavors": ""
+
+#
+#"datastore:list_associated_volume_types": ""
+
+#
+#"flavor:index": ""
+
+#
+#"flavor:show": ""
+
+#
+#"limits:index": "rule:admin_or_owner"
+
+#
+#"module:create": "rule:admin_or_owner"
+
+#
+#"module:delete": "rule:admin_or_owner"
+
+#
+#"module:index": "rule:admin_or_owner"
+
+#
+#"module:show": "rule:admin_or_owner"
+
+#
+#"module:instances": "rule:admin_or_owner"
+
+#
+#"module:update": "rule:admin_or_owner"
+
+#
+#"module:reapply": "rule:admin_or_owner"
+
View Lorry Controller Status