| *** dayou has quit IRC | 01:38 | |
| *** dayou has joined #openstack-barbican | 01:47 | |
| *** dayou has quit IRC | 05:10 | |
| *** Anticimex has quit IRC | 05:10 | |
| *** tinwood has quit IRC | 05:10 | |
| *** dayou has joined #openstack-barbican | 05:15 | |
| *** Anticimex has joined #openstack-barbican | 05:15 | |
| *** tinwood has joined #openstack-barbican | 05:15 | |
| *** dayou has quit IRC | 05:54 | |
| *** dayou has joined #openstack-barbican | 05:55 | |
| *** xek has joined #openstack-barbican | 06:36 | |
| *** msciciel has joined #openstack-barbican | 07:10 | |
| msciciel | Hi,I have a question about policy for container consumers. Am I correctly understand that below policy in the code should allow user with read acl to create consumer for container? policy.DocumentedRuleDefault( name='consumers:post', check_str='rule:admin or rule:container_non_private_read or ' + | 07:18 |
|---|---|---|
| msciciel | 'rule:container_project_creator or ' + 'rule:container_project_admin or rule:container_acl_read', scope_types=[], description='Creates a consumer.', operations=[ { 'path': '/v1/containers/{container-id}/consumers', 'method': 'POST' } ] ), | 07:18 |
| msciciel | policy.RuleDefault( name='container_acl_read', check_str="'read':%(target.container.read)s"),It's not working for me and I wonder if I'm doing something wrong or it's designed to work other way. My current solution is below policy to allow role 'creator' to update consumers:{"consumers:post": "rule:admin or rule:creator or | 07:18 |
| msciciel | rule:container_non_private_read or rule:container_project_creator or rule:container_project_admin or rule:container_acl_read"} | 07:18 |
| *** tosky has joined #openstack-barbican | 07:30 | |
| *** msciciel has quit IRC | 08:54 | |
| *** raildo has joined #openstack-barbican | 12:23 | |
| *** dayou has quit IRC | 13:23 | |
| *** dayou has joined #openstack-barbican | 13:28 | |
| *** dayou has quit IRC | 13:33 | |
| *** dayou has joined #openstack-barbican | 13:33 | |
| *** moguimar has joined #openstack-barbican | 14:09 | |
| *** moguimar has quit IRC | 15:24 | |
| *** moguimar has joined #openstack-barbican | 15:26 | |
| *** moguimar has quit IRC | 19:22 | |
| *** raildo has quit IRC | 19:30 | |
| *** raildo has joined #openstack-barbican | 19:50 | |
| *** raildo has quit IRC | 21:35 | |
| *** xek has quit IRC | 22:12 | |
| *** tosky has quit IRC | 23:21 | |
Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!