openstack
/
keystone
Code Issues Proposed changes
keystone/keystone/common/policies
History
Lance Bragstad feb0d58df4 Implement system reader role for groups 
This commit introduces the system reader role to the group API, making
it easier for administrators to delegate subsets of responsibilities
to the API by default. This commit also maintains the ability for
any user to be able to fetch their own group memberships, which
encapsulates a bunch of tests for what regular project users can do
with groups.

Subsequent patches will incorporate:

  - system member test coverage
  - system admin functionality
  - domain reader functionality
  - domain member test coverage
  - domain admin functionality

Change-Id: I24ff27da79bb01322e05c6d8cd37f02693fd5b9f
Related-Bug: 1805369
Related-Bug: 1808859
Related-Bug: 968696
 		2018-12-19 20:14:17 +00:00
..
__init__.py Add Application Credentials controller 2018-01-27 11:55:05 +01:00
access_token.py Add scope_types to oauth policies 2018-01-05 22:25:05 +00:00
application_credential.py Add Application Credentials controller 2018-01-27 11:55:05 +01:00
auth.py Implement GET /v3/auth/system 2018-01-24 01:09:16 +00:00
base.py Add scope checks to common system role definitions 2018-12-18 21:20:29 +00:00
consumer.py Add scope_types to oauth policies 2018-01-05 22:25:05 +00:00
credential.py Implement scope_type checking for credentials 2018-10-29 15:01:29 +00:00
domain.py Add scope checks to common system role definitions 2018-12-18 21:20:29 +00:00
domain_config.py Add scope_types to domain config policies 2018-01-19 20:17:30 +00:00
ec2_credential.py Document scope_types for ec2 policies 2018-01-19 22:30:35 +00:00
endpoint.py Add scope_types to endpoint policies 2018-01-04 16:08:12 +00:00
endpoint_group.py Add scope_types to endpoint group policies 2018-01-05 21:47:10 +00:00
grant.py Merge "Add scope_types to grant policies" 2018-01-26 21:48:27 +00:00
group.py Implement system reader role for groups 2018-12-19 20:14:17 +00:00
identity_provider.py Add scope_types to identity provider policies 2018-01-04 19:57:36 +00:00
implied_role.py Add scope_types to implied role policies 2018-01-04 21:32:18 +00:00
limit.py Add policy for limit model protection 2018-06-19 20:27:00 +08:00
mapping.py Add scope_types to mapping policies 2018-01-04 20:21:58 +00:00
policy.py Add scope_types for policy policies 2018-01-05 22:25:55 +00:00
policy_association.py Add scope_types to policy association policies 2018-01-04 20:37:30 +00:00
project.py Document scope_types for project policies 2018-01-23 17:11:11 +00:00
project_endpoint.py Add scope_types to project endpoint policies 2018-01-04 21:04:09 +00:00
protocol.py Add scope_types to protocol policies 2018-01-04 21:11:19 +00:00
region.py Add scope_types to region policies 2018-01-04 16:11:54 +00:00
registered_limit.py Update registered limit policies for system admin 2018-12-11 09:13:59 +00:00
revoke_event.py Add scope_types for revoke event policies 2018-01-04 21:14:16 +00:00
role.py Update role policies for system reader 2018-12-04 15:45:42 +00:00
role_assignment.py Add scope_types to role assignment policies 2018-01-23 15:54:24 +00:00
service.py Add scope_types to service policies 2018-01-04 19:46:10 +00:00
service_provider.py Add scope_types to service provider policies 2018-01-19 20:24:56 +00:00
token.py Remove v2.0 policies 2018-02-20 22:38:17 +00:00
token_revocation.py Add scope_types to token revocation policies 2018-01-05 21:53:24 +00:00
trust.py Add scope_types to trust policies 2018-01-23 16:36:24 +00:00
user.py Add scope_types for user policies 2018-01-29 17:23:06 +00:00