Disallow non-admin to specify binding:profile

Change-Id: Iefa4b251f3b0a373fb9b2b7d576e14d58afece59
Fixes-Bug: #1214873
This commit is contained in:
Akihiro MOTOKI 2013-08-22 11:34:43 +09:00
parent b8e59b1bcc
commit 2b472caab2

View File

@ -44,6 +44,7 @@
"create_port:fixed_ips": "rule:admin_or_network_owner", "create_port:fixed_ips": "rule:admin_or_network_owner",
"create_port:port_security_enabled": "rule:admin_or_network_owner", "create_port:port_security_enabled": "rule:admin_or_network_owner",
"create_port:binding:host_id": "rule:admin_only", "create_port:binding:host_id": "rule:admin_only",
"create_port:binding:profile": "rule:admin_only",
"create_port:mac_learning_enabled": "rule:admin_or_network_owner", "create_port:mac_learning_enabled": "rule:admin_or_network_owner",
"get_port": "rule:admin_or_owner", "get_port": "rule:admin_or_owner",
"get_port:queue_id": "rule:admin_only", "get_port:queue_id": "rule:admin_only",
@ -55,6 +56,7 @@
"update_port:fixed_ips": "rule:admin_or_network_owner", "update_port:fixed_ips": "rule:admin_or_network_owner",
"update_port:port_security_enabled": "rule:admin_or_network_owner", "update_port:port_security_enabled": "rule:admin_or_network_owner",
"update_port:binding:host_id": "rule:admin_only", "update_port:binding:host_id": "rule:admin_only",
"update_port:binding:profile": "rule:admin_only",
"update_port:mac_learning_enabled": "rule:admin_or_network_owner", "update_port:mac_learning_enabled": "rule:admin_or_network_owner",
"delete_port": "rule:admin_or_owner", "delete_port": "rule:admin_or_owner",