aboutsummaryrefslogtreecommitdiffstats
path: root/keystone-moon/examples/moon/policies/policy_admin/rule.json
diff options
context:
space:
mode:
Diffstat (limited to 'keystone-moon/examples/moon/policies/policy_admin/rule.json')
-rw-r--r--keystone-moon/examples/moon/policies/policy_admin/rule.json80
1 files changed, 61 insertions, 19 deletions
diff --git a/keystone-moon/examples/moon/policies/policy_admin/rule.json b/keystone-moon/examples/moon/policies/policy_admin/rule.json
index 650405a9..e80c61c1 100644
--- a/keystone-moon/examples/moon/policies/policy_admin/rule.json
+++ b/keystone-moon/examples/moon/policies/policy_admin/rule.json
@@ -1,22 +1,64 @@
{
- "rbac_rule":[
-
- ["admin" , "ft", "admin", "subjects"],
- ["admin" , "ft", "admin", "objects"],
- ["admin" , "ft", "admin", "actions"],
- ["admin" , "ft", "admin", "subject_categories"],
- ["admin" , "ft", "admin", "object_categories"],
- ["admin" , "ft", "admin", "action_categories"],
- ["admin" , "ft", "admin", "subject_category_scope"],
- ["admin" , "ft", "admin", "object_category_scope"],
- ["admin" , "ft", "admin", "action_category_scope"],
- ["admin" , "ft", "admin", "sub_rules"],
- ["admin" , "ft", "admin", "sub_meta_rule"],
- ["admin" , "ft", "admin", "subject_assignments"],
- ["admin" , "ft", "admin", "object_assignments"],
- ["admin" , "ft", "admin", "action_assignments"],
- ["admin" , "ft", "admin", "sub_meta_rule_relations"],
- ["admin" , "ft", "admin", "aggregation_algorithms"]
-
+ "rbac_rule":[
+ ["root_role" , "read", "authz.subjects"],
+ ["root_role" , "read", "authz.objects"],
+ ["root_role" , "read", "authz.actions"],
+ ["root_role" , "read", "authz.subject_categories"],
+ ["root_role" , "read", "authz.object_categories"],
+ ["root_role" , "read", "authz.action_categories"],
+ ["root_role" , "read", "authz.subject_category_scopes"],
+ ["root_role" , "read", "authz.object_category_scopes"],
+ ["root_role" , "read", "authz.action_category_scopes"],
+ ["root_role" , "read", "authz.subject_assignments"],
+ ["root_role" , "read", "authz.object_assignments"],
+ ["root_role" , "read", "authz.action_assignments"],
+ ["root_role" , "read", "authz.aggregation_algorithm"],
+ ["root_role" , "read", "authz.sub_meta_rules"],
+ ["root_role" , "read", "authz.rules"],
+ ["root_role" , "write", "authz.subjects"],
+ ["root_role" , "write", "authz.objects"],
+ ["root_role" , "write", "authz.actions"],
+ ["root_role" , "write", "authz.subject_categories"],
+ ["root_role" , "write", "authz.object_categories"],
+ ["root_role" , "write", "authz.action_categories"],
+ ["root_role" , "write", "authz.subject_category_scopes"],
+ ["root_role" , "write", "authz.object_category_scopes"],
+ ["root_role" , "write", "authz.action_category_scopes"],
+ ["root_role" , "write", "authz.subject_assignments"],
+ ["root_role" , "write", "authz.object_assignments"],
+ ["root_role" , "write", "authz.action_assignments"],
+ ["root_role" , "write", "authz.aggregation_algorithm"],
+ ["root_role" , "write", "authz.sub_meta_rules"],
+ ["root_role" , "write", "authz.rules"],
+ ["root_role" , "read", "admin.subjects"],
+ ["root_role" , "read", "admin.objects"],
+ ["root_role" , "read", "admin.actions"],
+ ["root_role" , "read", "admin.subject_categories"],
+ ["root_role" , "read", "admin.object_categories"],
+ ["root_role" , "read", "admin.action_categories"],
+ ["root_role" , "read", "admin.subject_category_scopes"],
+ ["root_role" , "read", "admin.object_category_scopes"],
+ ["root_role" , "read", "admin.action_category_scopes"],
+ ["root_role" , "read", "admin.subject_assignments"],
+ ["root_role" , "read", "admin.object_assignments"],
+ ["root_role" , "read", "admin.action_assignments"],
+ ["root_role" , "read", "admin.aggregation_algorithm"],
+ ["root_role" , "read", "admin.sub_meta_rules"],
+ ["root_role" , "read", "admin.rules"],
+ ["root_role" , "write", "admin.subjects"],
+ ["root_role" , "write", "admin.objects"],
+ ["root_role" , "write", "admin.actions"],
+ ["root_role" , "write", "admin.subject_categories"],
+ ["root_role" , "write", "admin.object_categories"],
+ ["root_role" , "write", "admin.action_categories"],
+ ["root_role" , "write", "admin.subject_category_scopes"],
+ ["root_role" , "write", "admin.object_category_scopes"],
+ ["root_role" , "write", "admin.action_category_scopes"],
+ ["root_role" , "write", "admin.subject_assignments"],
+ ["root_role" , "write", "admin.object_assignments"],
+ ["root_role" , "write", "admin.action_assignments"],
+ ["root_role" , "write", "admin.aggregation_algorithm"],
+ ["root_role" , "write", "admin.sub_meta_rules"],
+ ["root_role" , "write", "admin.rules"]
]
}