[openstack-dev] [Climate] How we agree to determine that an user has admin rights ?

Julien Danjou julien at danjou.info
Wed Nov 20 10:18:33 UTC 2013

On Wed, Nov 20 2013, Sylvain Bauza wrote:

> When reviewing https://review.openstack.org/#/c/54539/, it appeared to me
> that we need to make consensus on the way to know that a request is having
> admin creds.
> Currently, for implementing policies check in Climate, I'm looking at
> context.roles dict, which contains the unicode string 'admin' if so. I don't
> need to have an extra param. That said, having a method check_is_admin on
> the context module would be great, and I fully reckon it would be helpful.
> What do you think all folks ?

It depends on how fine grained you want your ACL to be, but anyway
setting a user as admin depends on the 'admin' role being present in the
context.roles dict or not, so I don't see the point of having an extra
param; a helper method, at best.

Julien Danjou
/* Free Software hacker * independent consultant
   http://julien.danjou.info */
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 835 bytes
Desc: not available
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20131120/c66b9422/attachment.pgp>

More information about the OpenStack-dev mailing list