[openstack-dev] Domain ID in Policy_dict
arvind.tiwari at hp.com
Thu Jan 16 16:08:47 UTC 2014
I think you have to define rule as below
"domain-admin": "role:domain_admin and domain_id:%(target.domain.domain_id)s"
Associate this rule with APIS which you want to scope to domain admin.
Try and let us know.
From: bounces at canonical.com [mailto:bounces at canonical.com] On Behalf Of Telles Mota Vidal Nóbrega
Sent: Thursday, January 16, 2014 6:30 AM
To: Tiwari, Arvind
Subject: Domain ID in Policy_dict
Hi, i'm working on some new features for openstack and this merge that
you submitted https://review.openstack.org/#/c/50488/ does most of what
I need. I updated the code here but I couldn't make it work, my idea is
to create a role called domain_admin, to check this we would need to
check if the user is admin and is owner of the domain and for that we
would need the domain_id t o be checked at the policy.json which by the
examples you posted works. Unfortunetly I wasn't able to do so, can you
help me out, give me some tips on how to get this working?
This message was sent from Launchpad by
using the "Contact this user" link on your profile page
For more information see
More information about the OpenStack-dev