Open Stack

Hi Tim,

In the implementation of Congress UI, I have realized that we need to add role assignment. In many systems and cases, RBAC (Role-Based Access Control) is an vital function which are beneficial to the division of work.
I think we should have “admin” and “tenant” user at least.  The admin user could define predicates or complicated relations used in the violations, and tenant user could just use the predicates defined by admin user.
A typical example is that, the owner of network connected to VM should be in the same group with the owner of this VM. In this example, same_group is a predicates or complicated relations. It should be defined by admin user. And this predicate could be used by any tenant user. In this way, some typical or common predicates could be defined in a individual admin board, and other tenant user could choose which one to use.

Yali

发件人: Tim Hinrichs [mailto:tim at styra.com]
发送时间: 2015年11月30日 10:37
收件人: zhangyali (D); OpenStack Development Mailing List (not for usage questions)
主题: Re: [openstack-dev][congress]role in Congress

Hi Yali,

We didn't discuss role assignment for service users in Tokyo.  Could you explain a bit more what you need?

Tim

On Sun, Nov 29, 2015 at 7:33 PM zhangyali (D) <zhangyali369 at huawei.com<mailto:zhangyali369 at huawei.com>> wrote:
Hi Tim and All,

I remember there is a topic named “role assignment for service users” in the Tokyo Summit. Since I have not heard any message of this topic. Does anyone could contribute some information for me? I think it is vital for my design of Congress UI in horizon. Thanks a lot!


Best Regards,
Yali
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20151130/49686e39/attachment.html>