Support and enforce user roles defined in Keystone

Registered by Keith Newstadt on 2014-04-03

Spec:
https://wiki.openstack.org/wiki/MagnetoDB/specs/rbac

Add support for roles. For example...

- User A may have full access to all tables and data in a project
- User B may be able to create tables and rows, but not delete them
- User C may be able to read row data but not modify it
- User D may be able to add rows to a table, but not modify the rows that are there
- User E may be able add rows but not read them

Blueprint information

Status:
Complete
Approver:
Ilya Sviridov
Priority:
Medium
Drafter:
Ajaya Agrawal
Direction:
Approved
Assignee:
Ajaya Agrawal
Definition:
Approved
Series goal:
Accepted for kilo
Implementation:
Implemented
Milestone target:
milestone icon kilo-2
Started by
Ajaya Agrawal on 2014-10-06
Completed by
Ajaya Agrawal on 2014-12-23

Related branches

Sprints

Whiteboard

Gerrit topic: https://review.openstack.org/#q,topic:bp/support-roles,n,z

Addressed by: https://review.openstack.org/124391
    (WIP) Role based policy checking

(?)

Work Items

Dependency tree

* Blueprints in grey have been implemented.

This blueprint contains Public information 
Everyone can see this information.

Subscribers

No subscribers.