[openstack-dev] [neutron] Why does nova.network.neutronv2.get_client(context, admin=True) drop auth_token?
m at metacloud.com
Thu Aug 29 02:33:36 UTC 2013
On Wed, Aug 28, 2013 at 5:22 PM, Yongsheng Gong <gongysh at unitedstack.com>wrote:
> For admin, we must use admin token. In general, the token from API
> context is not of role admin.
If this functionality is supposed to be allowed to non-admin users,
wouldn't it be easier to provide access to it to non-admin users, instead
of escalating permissions (maybe RBAC)? I'll admit not knowing why this
needs escalation, but it stands out as an odd approach in my mind.
> I think the BP can help
This isn't likely what you are looking for. It would still require lookups
to the backend for a number of reasons (not listed, as I don't think it is
relevant for this conversation).
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OpenStack-dev