"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "barbican/common/policies/quotas.py" between
barbican-11.0.0.tar.gz and barbican-12.0.0.tar.gz

About: OpenStack Barbican is the OpenStack Key Manager service. It provides secure storage, provisioning and management of secret data.
The "Wallaby" series (latest release).

quotas.py  (barbican-11.0.0):quotas.py  (barbican-12.0.0)
skipping to change at line 15 skipping to change at line 15
# http://www.apache.org/licenses/LICENSE-2.0 # http://www.apache.org/licenses/LICENSE-2.0
# #
# Unless required by applicable law or agreed to in writing, software # Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations # License for the specific language governing permissions and limitations
# under the License. # under the License.
from oslo_policy import policy from oslo_policy import policy
_READER = "role:reader"
_SYSTEM_ADMIN = "role:admin and system_scope:all"
_SYSTEM_READER = "role:reader and system_scope:all"
rules = [ rules = [
policy.DocumentedRuleDefault( policy.DocumentedRuleDefault(
name='quotas:get', name='quotas:get',
check_str='rule:all_users', check_str=f'rule:all_users or {_READER}',
scope_types=[], scope_types=['project'],
description='List quotas for the project the user belongs to.', description='List quotas for the project the user belongs to.',
operations=[ operations=[
{ {
'path': '/v1/quotas', 'path': '/v1/quotas',
'method': 'GET' 'method': 'GET'
} }
] ]
), ),
policy.DocumentedRuleDefault( policy.DocumentedRuleDefault(
name='project_quotas:get', name='project_quotas:get',
check_str='rule:service_admin', check_str=f'rule:service_admin or {_SYSTEM_READER}',
scope_types=[], scope_types=['system'],
description='List quotas for the specified project.', description='List quotas for the specified project.',
operations=[ operations=[
{ {
'path': '/v1/project-quotas', 'path': '/v1/project-quotas',
'method': 'GET' 'method': 'GET'
}, },
{ {
'path': '/v1/project-quotas/{uuid}', 'path': '/v1/project-quotas/{uuid}',
'method': 'GET' 'method': 'GET'
} }
] ]
), ),
policy.DocumentedRuleDefault( policy.DocumentedRuleDefault(
name='project_quotas:put', name='project_quotas:put',
check_str='rule:service_admin', check_str=f'rule:service_admin or {_SYSTEM_ADMIN}',
scope_types=[], scope_types=['system'],
description='Create or update the configured project quotas for ' description='Create or update the configured project quotas for '
'the project with the specified UUID.', 'the project with the specified UUID.',
operations=[ operations=[
{ {
'path': '/v1/project-quotas/{uuid}', 'path': '/v1/project-quotas/{uuid}',
'method': 'PUT' 'method': 'PUT'
} }
] ]
), ),
policy.DocumentedRuleDefault( policy.DocumentedRuleDefault(
name='project_quotas:delete', name='project_quotas:delete',
check_str='rule:service_admin', check_str=f'rule:service_admin or {_SYSTEM_ADMIN}',
scope_types=[], scope_types=['system'],
description='Delete the project quotas configuration for the ' description='Delete the project quotas configuration for the '
'project with the requested UUID.', 'project with the requested UUID.',
operations=[ operations=[
{ {
'path': '/v1/quotas}', 'path': '/v1/quotas}',
'method': 'DELETE' 'method': 'DELETE'
} }
] ]
), ),
] ]
 End of changes. 5 change blocks. 
8 lines changed or deleted 12 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)