openstack
/
neutron
Code Issues Proposed changes
neutron/neutron/conf/policies
History
Slawek Kaplonski 428f7a8418 [S-RBAC] Add service role in neutron policy 
RBAC community wide goal phase-2[1] is to add service
role for the service APIs policy rule.
This patch adds new "service_api" role in policies, deprecates old rule
"context_is_advsvc" as this had basically same goal but for consistency
reasons we want now to have it named "service_api" as in other policies
for other projects.
This patch also adds unit tests to ensure what is allowed and what is
forbidden for the service role user.

[1] https://governance.openstack.org/tc/goals/selected/consistent-and-secure-rbac.html#phase-2

Closes-Bug: #2026182

Change-Id: Iaa1a3a491d310c2304f6500c6e5d2b9c31a72fa8
 		2023-10-06 07:55:05 +00:00
..
__init__.py Default SG api rules template - DB and OVO models 2023-07-07 10:43:34 +02:00
address_group.py Use neutron-lib policy rules 2023-03-07 21:24:33 +03:00
address_scope.py Use neutron-lib policy rules 2023-03-07 21:24:33 +03:00
agent.py Use neutron-lib policy rules 2023-03-07 21:24:33 +03:00
auto_allocated_topology.py Use neutron-lib policy rules 2023-03-07 21:24:33 +03:00
availability_zone.py [S-RBAC] Get availability zone API available for READER role 2023-04-17 17:31:20 +02:00
base.py [S-RBAC] Add service role in neutron policy 2023-10-06 07:55:05 +00:00
default_security_group_rules.py Default SG api rules template - DB and OVO models 2023-07-07 10:43:34 +02:00
flavor.py Use neutron-lib policy rules 2023-03-07 21:24:33 +03:00
floatingip.py Use neutron-lib policy rules 2023-03-07 21:24:33 +03:00
floatingip_pools.py Use neutron-lib policy rules 2023-03-07 21:24:33 +03:00
floatingip_port_forwarding.py [S-RBAC] Fix new policies for FIP PFs APIs 2023-05-09 12:54:28 +02:00
l3_conntrack_helper.py Use neutron-lib policy rules 2023-03-07 21:24:33 +03:00
local_ip.py Use neutron-lib policy rules 2023-03-07 21:24:33 +03:00
local_ip_association.py Use neutron-lib policy rules 2023-03-07 21:24:33 +03:00
logging.py Use neutron-lib policy rules 2023-03-07 21:24:33 +03:00
metering.py Use neutron-lib policy rules 2023-03-07 21:24:33 +03:00
ndp_proxy.py Use neutron-lib policy rules 2023-03-07 21:24:33 +03:00
network.py [S-RBAC] Add service role in neutron policy 2023-10-06 07:55:05 +00:00
network_ip_availability.py Use neutron-lib policy rules 2023-03-07 21:24:33 +03:00
network_segment_range.py Use neutron-lib policy rules 2023-03-07 21:24:33 +03:00
port.py [S-RBAC] Add service role in neutron policy 2023-10-06 07:55:05 +00:00
port_bindings.py [S-RBAC] Add service role in neutron policy 2023-10-06 07:55:05 +00:00
qos.py [S-RBAC] Get QoS rule types API available for READER role 2023-05-11 11:15:29 +00:00
quotas.py Use neutron-lib policy rules 2023-03-07 21:24:33 +03:00
rbac.py Use neutron-lib policy rules 2023-03-07 21:24:33 +03:00
router.py Add extra router attributes for ECMP and BFD 2023-07-25 17:03:34 +02:00
security_group.py Use neutron-lib policy rules 2023-03-07 21:24:33 +03:00
segment.py Use neutron-lib policy rules 2023-03-07 21:24:33 +03:00
service_type.py Use neutron-lib policy rules 2023-03-07 21:24:33 +03:00
subnet.py Add NET_OWNER_MEMBER and NET_OWNER_READER policy rules 2023-08-04 15:48:12 +02:00
subnetpool.py Use neutron-lib policy rules 2023-03-07 21:24:33 +03:00
trunk.py Use neutron-lib policy rules 2023-03-07 21:24:33 +03:00