From 8c6291c915bd9f806600642b188f2bbb5fc716bc Mon Sep 17 00:00:00 2001
From: asteroide <thomas.duval@orange.com>
Date: Fri, 22 Apr 2016 16:06:08 +0200
Subject: Move policy files to a better location for the installation process.

Change-Id: If74a878058983df8e432927e87b3da69214d9888
---
 .../etc/policies/policy_rbac_admin/rule.json       | 94 ++++++++++++++++++++++
 1 file changed, 94 insertions(+)
 create mode 100644 keystone-moon/etc/policies/policy_rbac_admin/rule.json

(limited to 'keystone-moon/etc/policies/policy_rbac_admin/rule.json')

diff --git a/keystone-moon/etc/policies/policy_rbac_admin/rule.json b/keystone-moon/etc/policies/policy_rbac_admin/rule.json
new file mode 100644
index 00000000..c89ceff3
--- /dev/null
+++ b/keystone-moon/etc/policies/policy_rbac_admin/rule.json
@@ -0,0 +1,94 @@
+{
+  "rbac_rule":[
+    ["root_role" , "read", "authz.subjects"],
+    ["root_role" , "read", "authz.objects"],
+    ["root_role" , "read", "authz.actions"],
+    ["root_role" , "read", "authz.subject_categories"],
+    ["root_role" , "read", "authz.object_categories"],
+    ["root_role" , "read", "authz.action_categories"],
+    ["root_role" , "read", "authz.subject_scopes"],
+    ["root_role" , "read", "authz.object_scopes"],
+    ["root_role" , "read", "authz.action_scopes"],
+    ["root_role" , "read", "authz.subject_assignments"],
+    ["root_role" , "read", "authz.object_assignments"],
+    ["root_role" , "read", "authz.action_assignments"],
+    ["root_role" , "read", "authz.aggregation_algorithm"],
+    ["root_role" , "read", "authz.sub_meta_rules"],    
+    ["root_role" , "read", "authz.rules"],
+    ["root_role" , "write", "authz.subjects"],
+    ["root_role" , "write", "authz.objects"],
+    ["root_role" , "write", "authz.actions"],
+    ["root_role" , "write", "authz.subject_categories"],
+    ["root_role" , "write", "authz.object_categories"],
+    ["root_role" , "write", "authz.action_categories"],
+    ["root_role" , "write", "authz.subject_scopes"],
+    ["root_role" , "write", "authz.object_scopes"],
+    ["root_role" , "write", "authz.action_scopes"],
+    ["root_role" , "write", "authz.subject_assignments"],
+    ["root_role" , "write", "authz.object_assignments"],
+    ["root_role" , "write", "authz.action_assignments"],
+    ["root_role" , "write", "authz.aggregation_algorithm"],
+    ["root_role" , "write", "authz.sub_meta_rules"],    
+    ["root_role" , "write", "authz.rules"], 
+    ["root_role" , "read", "admin.subjects"],
+    ["root_role" , "read", "admin.objects"],
+    ["root_role" , "read", "admin.actions"],
+    ["root_role" , "read", "admin.subject_categories"],
+    ["root_role" , "read", "admin.object_categories"],
+    ["root_role" , "read", "admin.action_categories"],
+    ["root_role" , "read", "admin.subject_scopes"],
+    ["root_role" , "read", "admin.object_scopes"],
+    ["root_role" , "read", "admin.action_scopes"],
+    ["root_role" , "read", "admin.subject_assignments"],
+    ["root_role" , "read", "admin.object_assignments"],
+    ["root_role" , "read", "admin.action_assignments"],
+    ["root_role" , "read", "admin.aggregation_algorithm"],
+    ["root_role" , "read", "admin.sub_meta_rules"],    
+    ["root_role" , "read", "admin.rules"],
+    ["root_role" , "write", "admin.subjects"],
+    ["root_role" , "write", "admin.objects"],
+    ["root_role" , "write", "admin.actions"],
+    ["root_role" , "write", "admin.subject_categories"],
+    ["root_role" , "write", "admin.object_categories"],
+    ["root_role" , "write", "admin.action_categories"],
+    ["root_role" , "write", "admin.subject_scopes"],
+    ["root_role" , "write", "admin.object_scopes"],
+    ["root_role" , "write", "admin.action_scopes"],
+    ["root_role" , "write", "admin.subject_assignments"],
+    ["root_role" , "write", "admin.object_assignments"],
+    ["root_role" , "write", "admin.action_assignments"],
+    ["root_role" , "write", "admin.aggregation_algorithm"],
+    ["root_role" , "write", "admin.sub_meta_rules"],    
+    ["root_role" , "write", "admin.rules"],
+    ["dev_role" , "read", "authz.subjects"],
+    ["dev_role" , "read", "authz.objects"],
+    ["dev_role" , "read", "authz.actions"],
+    ["dev_role" , "read", "authz.subject_categories"],
+    ["dev_role" , "read", "authz.object_categories"],
+    ["dev_role" , "read", "authz.action_categories"],
+    ["dev_role" , "read", "authz.subject_scopes"],
+    ["dev_role" , "read", "authz.object_scopes"],
+    ["dev_role" , "read", "authz.action_scopes"],
+    ["dev_role" , "read", "authz.subject_assignments"],
+    ["dev_role" , "read", "authz.object_assignments"],
+    ["dev_role" , "read", "authz.action_assignments"],
+    ["dev_role" , "read", "authz.aggregation_algorithm"],
+    ["dev_role" , "read", "authz.sub_meta_rules"],
+    ["dev_role" , "read", "authz.rules"],
+    ["dev_role" , "read", "admin.subjects"],
+    ["dev_role" , "read", "admin.objects"],
+    ["dev_role" , "read", "admin.actions"],
+    ["dev_role" , "read", "admin.subject_categories"],
+    ["dev_role" , "read", "admin.object_categories"],
+    ["dev_role" , "read", "admin.action_categories"],
+    ["dev_role" , "read", "admin.subject_scopes"],
+    ["dev_role" , "read", "admin.object_scopes"],
+    ["dev_role" , "read", "admin.action_scopes"],
+    ["dev_role" , "read", "admin.subject_assignments"],
+    ["dev_role" , "read", "admin.object_assignments"],
+    ["dev_role" , "read", "admin.action_assignments"],
+    ["dev_role" , "read", "admin.aggregation_algorithm"],
+    ["dev_role" , "read", "admin.sub_meta_rules"],
+    ["dev_role" , "read", "admin.rules"]
+  ]
+}
-- 
cgit 1.2.3-korg