UI actions controlled by RBAC defined by services
++++EDIT++++
Horizon should not be defining permissions itself; instead those decisions should be enforced by the policy engines of the individual services (current plan is to have those roll up through Keystone). Once keystone supports retrieving this data in the V3 API Horizon should move to this model ASAP.
+++ORIGINAL++++
Provide a configurable policy that control whether certain actions are displayed on the screen based on the privilege of the user. Leverage the Brain as the policy engine. The key in the policy would be the "dashboard:
Blueprint information
- Status:
- Complete
- Approver:
- None
- Priority:
- Undefined
- Drafter:
- None
- Direction:
- Needs approval
- Assignee:
- None
- Definition:
- Superseded
- Series goal:
- None
- Implementation:
- Unknown
- Milestone target:
- None
- Started by
- Completed by
- Gabriel Hurley
Related branches
Related bugs
Sprints
Whiteboard
This is effectively a duplicate of the ext-roles blueprint. I've marked it as superceded and updated the text of that blueprint to reflect the current state of OpenStack.