Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Syncing policy engine from oslo-incubator
Syncing policy module - commit a53c4dc Includes patch 0da5de6 implementing Blueprint policy-constant-check python update.py --nodeps --base keystone --dest-dir ../keystone/ --modules policy ----- Adds the ability to check any resource's field against a constant (literal, or string) in the policy.json file. For instance, I can ensure that only users with field `enabled` set to False can be deleted with the following rule: "identity:delete_user": "False:%(target.user.enabled)s", Or that only the `Member` role can be granted: "identity:create_grant": "'Member':%(target.role.name)s", ----- Change-Id: I054271306f20aac47ce5e9dac594bc1989fee56d Implements: blueprint policy-constant-check
- Loading branch information