summaryrefslogtreecommitdiffstats
path: root/keystone-moon/examples/moon/policies/policy_admin/scope.json
diff options
context:
space:
mode:
Diffstat (limited to 'keystone-moon/examples/moon/policies/policy_admin/scope.json')
-rw-r--r--keystone-moon/examples/moon/policies/policy_admin/scope.json80
1 files changed, 44 insertions, 36 deletions
diff --git a/keystone-moon/examples/moon/policies/policy_admin/scope.json b/keystone-moon/examples/moon/policies/policy_admin/scope.json
index 3742a5e4..74b1d019 100644
--- a/keystone-moon/examples/moon/policies/policy_admin/scope.json
+++ b/keystone-moon/examples/moon/policies/policy_admin/scope.json
@@ -1,39 +1,47 @@
{
- "subject_scopes": {
- "role": [
- "admin"
- ],
- "domain": [
- "ft",
- "xx"
- ]
- },
-
- "action_scopes": {
- "access": [
- "admin",
- "user"
- ]
- },
-
- "object_scopes": {
- "id": [
- "subjects",
- "objects",
- "actions",
- "subject_categories",
- "object_categories",
- "action_categories",
- "subject_category_scope",
- "object_category_scope",
- "action_category_scope",
- "sub_rules",
- "sub_meta_rule",
- "subject_assignments",
- "object_assignments",
- "action_assignments",
- "sub_meta_rule_relations",
- "aggregation_algorithms"
- ]
+ "subject_scopes": {
+ "role": [
+ "root_role"
+ ]
+ },
+ "action_scopes": {
+ "action_id": [
+ "read",
+ "write"
+ ]
+ },
+ "object_scopes": {
+ "action_id": [
+ "authz.subjects",
+ "authz.objects",
+ "authz.actions",
+ "authz.subject_categories",
+ "authz.object_categories",
+ "authz.action_categories",
+ "authz.subject_category_scopes",
+ "authz.object_category_scopes",
+ "authz.action_category_scopes",
+ "authz.subject_assignments",
+ "authz.object_assignments",
+ "authz.action_assignments",
+ "authz.aggregation_algorithm",
+ "authz.sub_meta_rules",
+ "authz.rules",
+ "admin.subjects",
+ "admin.objects",
+ "admin.actions",
+ "admin.subject_categories",
+ "admin.object_categories",
+ "admin.action_categories",
+ "admin.subject_category_scopes",
+ "admin.object_category_scopes",
+ "admin.action_category_scopes",
+ "admin.subject_assignments",
+ "admin.object_assignments",
+ "admin.action_assignments",
+ "admin.aggregation_algorithm",
+ "admin.sub_meta_rules",
+ "admin.rules"
+ ]
}
}