glance/etc/policy.json
Aaron Rosen 96169ab5a0 make uploading an image as public admin only by default
Uploading an image with --is-public=True should by default only be allowed
by an admin tenant. Allowing anyone to upload an image as is_public is likely
a security concern. This changes the previous default behavior glance had
of allowing anyone to upload an image as is_public previously by default.

DocImpact
Closes-bug: 1317314

Change-Id: I60d2257115e9207e09b50d9f950076b7fe8237d7
2014-06-03 05:47:24 -07:00

33 lines
621 B
JSON

{
"context_is_admin": "role:admin",
"default": "",
"add_image": "",
"delete_image": "",
"get_image": "",
"get_images": "",
"modify_image": "",
"publicize_image": "role:admin",
"copy_from": "",
"download_image": "",
"upload_image": "",
"delete_image_location": "",
"get_image_location": "",
"set_image_location": "",
"add_member": "",
"delete_member": "",
"get_member": "",
"get_members": "",
"modify_member": "",
"manage_image_cache": "role:admin",
"get_task": "",
"get_tasks": "",
"add_task": "",
"modify_task": ""
}