On Fri, Jun 23 2017, Deepthi V V wrote: > Current gnocchi code supports RBAC at operation level [gnocchi/gnocchi/rest/policy.json]. > Is it possible to add RBAC for attributes in a resource? > For eg: Restrict resource search/show should display specific attributes only > when query is performed by resource creator or admin. oslo.policy does not have such a capability, so this is done by auth helpers: https://github.com/gnocchixyz/gnocchi/blob/master/gnocchi/rest/auth_helper.py They are picked by the `api.auth_mode' setting. Feel free to send patches or write a new one if you prefer. -- Julien Danjou /* Free Software hacker https://julien.danjou.info */ -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 800 bytes Desc: not available URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20170623/a1617675/attachment.sig>