5dc2ab7bcd
A previous patch made it so that oslo.policy's ``enforce()`` method compares the context of the request to the ``scope_types`` of the policy being evaluated: I7fa171d859d82939511f8279e4e9464f792ed2cd After consuming the change across various projects, it became apparent that we would be duplicating configuration options in each project in order for operators to opt into this functionality. This commit adds a new configuration option that is meant to replace the kwarg that was introduced in a previous patch. This will make things more consistent for operators as they fix RBAC across their deployment. It will also make it easier for other OpenStack services to consumes the new scope_types enforcement. bp add-scope-to-policy Change-Id: Ia573b8cac3bf9cee2962790589dea24c7f530ef5
Team and repository tags
oslo.policy
The Oslo Policy library provides support for RBAC policy enforcement across all OpenStack services.
- Free software: Apache license
- Documentation: https://docs.openstack.org/oslo.policy/latest/
- Source: https://git.openstack.org/cgit/openstack/oslo.policy
- Bugs: https://bugs.launchpad.net/oslo.policy