c9e312f8b4
The default policy will been replaced with one which aligns with the Secure-RBAC scopes and roles. Since ironic-inspector is a tool used only by system-level admins, only the ``system`` scope is supported, and the only roles in the policy rules are ``admin`` and ``reader``. The is_admin and is_observer rules are deprecated for removal, and every rule which refers to them are deprecated in favor of the system-scoped equivalent (system_scope:all with role:admin or role:reader) No unit tests covered the existing policy, these are now covered by test_acl.TestACLDeprecated. Change-Id: I4d038245c6b97b1504fb47eeec78ad3f9e5a897c |
||
---|---|---|
.. | ||
cmd | ||
common | ||
conductor | ||
conf | ||
locale/en_GB/LC_MESSAGES | ||
migrations | ||
plugins | ||
pxe_filter | ||
test | ||
__init__.py | ||
alembic.ini | ||
api_tools.py | ||
db.py | ||
introspect.py | ||
introspection_state.py | ||
known_accelerators.yaml | ||
main.py | ||
node_cache.py | ||
policy.py | ||
process.py | ||
rules.py | ||
utils.py | ||
version.py | ||
wsgi_service.py |