[openstack-dev] [Climate] How we agree to determine that an user has admin rights ?
julien at danjou.info
Wed Nov 20 10:18:33 UTC 2013
On Wed, Nov 20 2013, Sylvain Bauza wrote:
> When reviewing https://review.openstack.org/#/c/54539/, it appeared to me
> that we need to make consensus on the way to know that a request is having
> admin creds.
> Currently, for implementing policies check in Climate, I'm looking at
> context.roles dict, which contains the unicode string 'admin' if so. I don't
> need to have an extra param. That said, having a method check_is_admin on
> the context module would be great, and I fully reckon it would be helpful.
> What do you think all folks ?
It depends on how fine grained you want your ACL to be, but anyway
setting a user as admin depends on the 'admin' role being present in the
context.roles dict or not, so I don't see the point of having an extra
param; a helper method, at best.
/* Free Software hacker * independent consultant
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 835 bytes
Desc: not available
More information about the OpenStack-dev