Implied Roles

Allow the user to create an inference rule between two roles. The first, called the prior role is the role explicitly assigned to an individual. The second, called the implied role, is one that the user gets implicitly. For example: Role B implies Role A. User X is assigned Role B. Therefore User X also assigned Role A. The management and maintenance of the rules is performed in the Keystone server. Change-Id: If547c2f16e812bc7fffd742ec37e6a26011f3185
2017-07-19 13:07:34 +00:00
parent 5cc4d5b530
commit 8cd3e258c5
6 changed files with 411 additions and 0 deletions
--- a/doc/source/cli/command-objects/implied_role.rst
+++ b/doc/source/cli/command-objects/implied_role.rst
@ -0,0 +1,57 @@
+============
+implied role
+============
+
+Identity v3
+
+
+implied role create
+-------------------
+
+Creates an association between prior and implied roles
+
+.. program:: implied role create
+.. code:: bash
+
+    openstack implied role create
+        <role>
+        --implied-role <role>
+
+.. option:: <role>
+
+    Prior role <role> (name or ID) implies another role
+
+.. option:: --implied-role <role>
+
+    <role> (name or ID) implied by another role
+
+
+implied role delete
+-------------------
+
+Deletes an association between prior and implied roles
+
+.. program:: implied role delete
+.. code:: bash
+
+    openstack implied role delete
+        <role>
+        --implied-role <role>
+
+.. option:: <role>
+
+    Prior role <role> (name or ID) implies another role
+
+.. option:: --implied-role <role>
+
+    <role> (name or ID) implied by another role
+
+implied role list
+-----------------
+
+List implied roles
+
+.. program:: implied role list
+.. code:: bash
+
+    openstack implied role list