Move consumer to DocumentedRuleDefault
A new policy class was introduce that requires additional parameters when defining policy objects. This patch switches our consumer revocation policy object to the policy.DocumentedRuleDefault and fills the required policy parameters as needed. Change-Id: I835098182c6f1a6c16ac845957dda2014dba1779 Partially-Implements: bp policy-docs
This commit is contained in:
parent
9034755743
commit
09d2a01163
|
@ -15,21 +15,36 @@ from oslo_policy import policy
|
|||
from keystone.common.policies import base
|
||||
|
||||
consumer_policies = [
|
||||
policy.RuleDefault(
|
||||
policy.DocumentedRuleDefault(
|
||||
name=base.IDENTITY % 'get_consumer',
|
||||
check_str=base.RULE_ADMIN_REQUIRED),
|
||||
policy.RuleDefault(
|
||||
check_str=base.RULE_ADMIN_REQUIRED,
|
||||
description='Show OAUTH1 consumer details.',
|
||||
operations=[{'path': '/v3/OS-OAUTH1/consumers/{consumer_id}',
|
||||
'method': 'GET'}]),
|
||||
policy.DocumentedRuleDefault(
|
||||
name=base.IDENTITY % 'list_consumers',
|
||||
check_str=base.RULE_ADMIN_REQUIRED),
|
||||
policy.RuleDefault(
|
||||
check_str=base.RULE_ADMIN_REQUIRED,
|
||||
description='List OAUTH1 consumers.',
|
||||
operations=[{'path': '/v3/OS-OAUTH1/consumers',
|
||||
'method': 'GET'}]),
|
||||
policy.DocumentedRuleDefault(
|
||||
name=base.IDENTITY % 'create_consumer',
|
||||
check_str=base.RULE_ADMIN_REQUIRED),
|
||||
policy.RuleDefault(
|
||||
check_str=base.RULE_ADMIN_REQUIRED,
|
||||
description='Create OAUTH1 consumer.',
|
||||
operations=[{'path': '/v3/OS-OAUTH1/consumers',
|
||||
'method': 'POST'}]),
|
||||
policy.DocumentedRuleDefault(
|
||||
name=base.IDENTITY % 'update_consumer',
|
||||
check_str=base.RULE_ADMIN_REQUIRED),
|
||||
policy.RuleDefault(
|
||||
check_str=base.RULE_ADMIN_REQUIRED,
|
||||
description='Update OAUTH1 consumer.',
|
||||
operations=[{'path': '/v3/OS-OAUTH1/consumers/{consumer_id}',
|
||||
'method': 'PATCH'}]),
|
||||
policy.DocumentedRuleDefault(
|
||||
name=base.IDENTITY % 'delete_consumer',
|
||||
check_str=base.RULE_ADMIN_REQUIRED)
|
||||
check_str=base.RULE_ADMIN_REQUIRED,
|
||||
description='Delete OAUTH1 consumer.',
|
||||
operations=[{'path': '/v3/OS-OAUTH1/consumers/{consumer_id}',
|
||||
'method': 'DELETE'}])
|
||||
]
|
||||
|
||||
|
||||
|
|
Loading…
Reference in New Issue