← Back to branch summary

~ubuntu-branches/ubuntu/vivid/neutron/vivid-updates

« back to all changes in this revision

Viewing changes to neutron/tests/etc/policy.json

  • Committer: Package Import Robot
  • Author(s): James Page
  • Date: 2015-03-30 11:17:19 UTC
  • mfrom: (1.1.21)
  • Revision ID: package-import@ubuntu.com-20150330111719-h0gx7233p4jkkgfh
Tags: 1:2015.1~b3-0ubuntu1
https://launchpad.net/bugs/1263539
* New upstream milestone release:
  - d/control: Align version requirements with upstream.
  - d/control: Add new dependency on oslo-log.
  - d/p/*: Rebase.
  - d/control,d/neutron-plugin-hyperv*: Dropped, decomposed into
    separate project upstream.
  - d/control,d/neutron-plugin-openflow*: Dropped, decomposed into
    separate project upstream.
  - d/neutron-common.install: Add neutron-rootwrap-daemon and 
    neutron-keepalived-state-change binaries.
  - d/rules: Ignore neutron-hyperv-agent when installing; only for Windows.
  - d/neutron-plugin-cisco.install: Drop neutron-cisco-cfg-agent as
    decomposed into separate project upstream.
  - d/neutron-plugin-vmware.install: Drop neutron-check-nsx-config and
    neutron-nsx-manage as decomposed into separate project upstream.
  - d/control: Add dependency on python-neutron-fwaas to neutron-l3-agent.
* d/pydist-overrides: Add overrides for oslo packages.
* d/control: Fixup type in package description (LP: #1263539).
* d/p/fixup-driver-test-execution.patch: Cherry pick fix from upstream VCS
  to support unit test exection in out-of-tree vendor drivers.
* d/neutron-common.postinst: Allow general access to /etc/neutron but limit
  access to root/neutron to /etc/neutron/neutron.conf to support execution
  of unit tests in decomposed vendor drivers.
* d/control: Add dependency on python-neutron-fwaas to neutron-l3-agent
  package.

Show diffs side-by-side

added added

removed removed

Lines of Context:
neutron/tests/etc/policy.json
 
1
{
 
2
    "context_is_admin":  "role:admin",
 
3
    "admin_or_owner": "rule:context_is_admin or tenant_id:%(tenant_id)s",
 
4
    "context_is_advsvc":  "role:advsvc",
 
5
    "admin_or_network_owner": "rule:context_is_admin or tenant_id:%(network:tenant_id)s",
 
6
    "admin_only": "rule:context_is_admin",
 
7
    "regular_user": "",
 
8
    "shared": "field:networks:shared=True",
 
9
    "shared_firewalls": "field:firewalls:shared=True",
 
10
    "shared_firewall_policies": "field:firewall_policies:shared=True",
 
11
    "external": "field:networks:router:external=True",
 
12
    "default": "rule:admin_or_owner",
 
13
 
 
14
    "create_subnet": "rule:admin_or_network_owner",
 
15
    "get_subnet": "rule:admin_or_owner or rule:shared",
 
16
    "update_subnet": "rule:admin_or_network_owner",
 
17
    "delete_subnet": "rule:admin_or_network_owner",
 
18
 
 
19
    "create_network": "",
 
20
    "get_network": "rule:admin_or_owner or rule:shared or rule:external or rule:context_is_advsvc",
 
21
    "get_network:router:external": "rule:regular_user",
 
22
    "get_network:segments": "rule:admin_only",
 
23
    "get_network:provider:network_type": "rule:admin_only",
 
24
    "get_network:provider:physical_network": "rule:admin_only",
 
25
    "get_network:provider:segmentation_id": "rule:admin_only",
 
26
    "get_network:queue_id": "rule:admin_only",
 
27
    "create_network:shared": "rule:admin_only",
 
28
    "create_network:router:external": "rule:admin_only",
 
29
    "create_network:segments": "rule:admin_only",
 
30
    "create_network:provider:network_type": "rule:admin_only",
 
31
    "create_network:provider:physical_network": "rule:admin_only",
 
32
    "create_network:provider:segmentation_id": "rule:admin_only",
 
33
    "update_network": "rule:admin_or_owner",
 
34
    "update_network:segments": "rule:admin_only",
 
35
    "update_network:shared": "rule:admin_only",
 
36
    "update_network:provider:network_type": "rule:admin_only",
 
37
    "update_network:provider:physical_network": "rule:admin_only",
 
38
    "update_network:provider:segmentation_id": "rule:admin_only",
 
39
    "update_network:router:external": "rule:admin_only",
 
40
    "delete_network": "rule:admin_or_owner",
 
41
 
 
42
    "create_port": "",
 
43
    "create_port:mac_address": "rule:admin_or_network_owner or rule:context_is_advsvc",
 
44
    "create_port:fixed_ips": "rule:admin_or_network_owner or rule:context_is_advsvc",
 
45
    "create_port:port_security_enabled": "rule:admin_or_network_owner or rule:context_is_advsvc",
 
46
    "create_port:binding:host_id": "rule:admin_only",
 
47
    "create_port:binding:profile": "rule:admin_only",
 
48
    "create_port:mac_learning_enabled": "rule:admin_or_network_owner or rule:context_is_advsvc",
 
49
    "get_port": "rule:admin_or_owner or rule:context_is_advsvc",
 
50
    "get_port:queue_id": "rule:admin_only",
 
51
    "get_port:binding:vif_type": "rule:admin_only",
 
52
    "get_port:binding:vif_details": "rule:admin_only",
 
53
    "get_port:binding:host_id": "rule:admin_only",
 
54
    "get_port:binding:profile": "rule:admin_only",
 
55
    "update_port": "rule:admin_or_owner or rule:context_is_advsvc",
 
56
    "update_port:mac_address": "rule:admin_only or rule:context_is_advsvc",
 
57
    "update_port:fixed_ips": "rule:admin_or_network_owner or rule:context_is_advsvc",
 
58
    "update_port:port_security_enabled": "rule:admin_or_network_owner or rule:context_is_advsvc",
 
59
    "update_port:binding:host_id": "rule:admin_only",
 
60
    "update_port:binding:profile": "rule:admin_only",
 
61
    "update_port:mac_learning_enabled": "rule:admin_or_network_owner or rule:context_is_advsvc",
 
62
    "delete_port": "rule:admin_or_owner or rule:context_is_advsvc",
 
63
 
 
64
    "get_router:ha": "rule:admin_only",
 
65
    "create_router": "rule:regular_user",
 
66
    "create_router:external_gateway_info:enable_snat": "rule:admin_only",
 
67
    "create_router:distributed": "rule:admin_only",
 
68
    "create_router:ha": "rule:admin_only",
 
69
    "get_router": "rule:admin_or_owner",
 
70
    "get_router:distributed": "rule:admin_only",
 
71
    "update_router:external_gateway_info:enable_snat": "rule:admin_only",
 
72
    "update_router:distributed": "rule:admin_only",
 
73
    "update_router:ha": "rule:admin_only",
 
74
    "delete_router": "rule:admin_or_owner",
 
75
 
 
76
    "add_router_interface": "rule:admin_or_owner",
 
77
    "remove_router_interface": "rule:admin_or_owner",
 
78
 
 
79
    "create_router:external_gateway_info:external_fixed_ips": "rule:admin_only",
 
80
    "update_router:external_gateway_info:external_fixed_ips": "rule:admin_only",
 
81
 
 
82
    "create_firewall": "",
 
83
    "get_firewall": "rule:admin_or_owner",
 
84
    "create_firewall:shared": "rule:admin_only",
 
85
    "get_firewall:shared": "rule:admin_only",
 
86
    "update_firewall": "rule:admin_or_owner",
 
87
    "update_firewall:shared": "rule:admin_only",
 
88
    "delete_firewall": "rule:admin_or_owner",
 
89
 
 
90
    "create_firewall_policy": "",
 
91
    "get_firewall_policy": "rule:admin_or_owner or rule:shared_firewall_policies",
 
92
    "create_firewall_policy:shared": "rule:admin_or_owner",
 
93
    "update_firewall_policy": "rule:admin_or_owner",
 
94
    "delete_firewall_policy": "rule:admin_or_owner",
 
95
 
 
96
    "create_firewall_rule": "",
 
97
    "get_firewall_rule": "rule:admin_or_owner or rule:shared_firewalls",
 
98
    "update_firewall_rule": "rule:admin_or_owner",
 
99
    "delete_firewall_rule": "rule:admin_or_owner",
 
100
 
 
101
    "create_qos_queue": "rule:admin_only",
 
102
    "get_qos_queue": "rule:admin_only",
 
103
 
 
104
    "update_agent": "rule:admin_only",
 
105
    "delete_agent": "rule:admin_only",
 
106
    "get_agent": "rule:admin_only",
 
107
 
 
108
    "create_dhcp-network": "rule:admin_only",
 
109
    "delete_dhcp-network": "rule:admin_only",
 
110
    "get_dhcp-networks": "rule:admin_only",
 
111
    "create_l3-router": "rule:admin_only",
 
112
    "delete_l3-router": "rule:admin_only",
 
113
    "get_l3-routers": "rule:admin_only",
 
114
    "get_dhcp-agents": "rule:admin_only",
 
115
    "get_l3-agents": "rule:admin_only",
 
116
    "get_loadbalancer-agent": "rule:admin_only",
 
117
    "get_loadbalancer-pools": "rule:admin_only",
 
118
    "get_agent-loadbalancers": "rule:admin_only",
 
119
    "get_loadbalancer-hosting-agent": "rule:admin_only",
 
120
 
 
121
    "create_floatingip": "rule:regular_user",
 
122
    "create_floatingip:floating_ip_address": "rule:admin_only",
 
123
    "update_floatingip": "rule:admin_or_owner",
 
124
    "delete_floatingip": "rule:admin_or_owner",
 
125
    "get_floatingip": "rule:admin_or_owner",
 
126
 
 
127
    "create_network_profile": "rule:admin_only",
 
128
    "update_network_profile": "rule:admin_only",
 
129
    "delete_network_profile": "rule:admin_only",
 
130
    "get_network_profiles": "",
 
131
    "get_network_profile": "",
 
132
    "update_policy_profiles": "rule:admin_only",
 
133
    "get_policy_profiles": "",
 
134
    "get_policy_profile": "",
 
135
 
 
136
    "create_metering_label": "rule:admin_only",
 
137
    "delete_metering_label": "rule:admin_only",
 
138
    "get_metering_label": "rule:admin_only",
 
139
 
 
140
    "create_metering_label_rule": "rule:admin_only",
 
141
    "delete_metering_label_rule": "rule:admin_only",
 
142
    "get_metering_label_rule": "rule:admin_only",
 
143
 
 
144
    "get_service_provider": "rule:regular_user",
 
145
    "get_lsn": "rule:admin_only",
 
146
    "create_lsn": "rule:admin_only"
 
147
}