barbican  12.0.0
About: OpenStack Barbican is the OpenStack Key Manager service. It provides secure storage, provisioning and management of secret data.
The "Wallaby" series (latest release).
  Fossies Dox: barbican-12.0.0.tar.gz  ("unofficial" and yet experimental doxygen-generated source code documentation)  

quotas.py
Go to the documentation of this file.
1 # Licensed under the Apache License, Version 2.0 (the "License"); you may
2 # not use this file except in compliance with the License. You may obtain
3 # a copy of the License at
4 #
5 # http://www.apache.org/licenses/LICENSE-2.0
6 #
7 # Unless required by applicable law or agreed to in writing, software
8 # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
9 # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
10 # License for the specific language governing permissions and limitations
11 # under the License.
12 
13 from oslo_policy import policy
14 
15 
16 _READER = "role:reader"
17 _SYSTEM_ADMIN = "role:admin and system_scope:all"
18 _SYSTEM_READER = "role:reader and system_scope:all"
19 
20 rules = [
21  policy.DocumentedRuleDefault(
22  name='quotas:get',
23  check_str=f'rule:all_users or {_READER}',
24  scope_types=['project'],
25  description='List quotas for the project the user belongs to.',
26  operations=[
27  {
28  'path': '/v1/quotas',
29  'method': 'GET'
30  }
31  ]
32  ),
33  policy.DocumentedRuleDefault(
34  name='project_quotas:get',
35  check_str=f'rule:service_admin or {_SYSTEM_READER}',
36  scope_types=['system'],
37  description='List quotas for the specified project.',
38  operations=[
39  {
40  'path': '/v1/project-quotas',
41  'method': 'GET'
42  },
43  {
44  'path': '/v1/project-quotas/{uuid}',
45  'method': 'GET'
46  }
47  ]
48  ),
49  policy.DocumentedRuleDefault(
50  name='project_quotas:put',
51  check_str=f'rule:service_admin or {_SYSTEM_ADMIN}',
52  scope_types=['system'],
53  description='Create or update the configured project quotas for '
54  'the project with the specified UUID.',
55  operations=[
56  {
57  'path': '/v1/project-quotas/{uuid}',
58  'method': 'PUT'
59  }
60  ]
61  ),
62  policy.DocumentedRuleDefault(
63  name='project_quotas:delete',
64  check_str=f'rule:service_admin or {_SYSTEM_ADMIN}',
65  scope_types=['system'],
66  description='Delete the project quotas configuration for the '
67  'project with the requested UUID.',
68  operations=[
69  {
70  'path': '/v1/quotas}',
71  'method': 'DELETE'
72  }
73  ]
74  ),
75 ]
76 
77 
78 def list_rules():
79  return rules