1 files changed, 6 insertions, 7 deletions

diff --git a/etc/manila/policy.json b/etc/manila/policy.json
index f2002ff..d8188f6 100644
--- a/etc/manila/policy.json
+++ b/etc/manila/policy.json
@@ -1,8 +1,7 @@
 {
-    "deny_readonly": "not role:readonly",
-    "context_is_admin": "role:admin and rule:deny_readonly",
+    "context_is_admin": "role:admin",
     "admin_or_owner": "is_admin:True or project_id:%(project_id)s",
-    "default": "rule:admin_or_owner and rule:deny_readonly",
+    "default": "rule:admin_or_owner",
 
     "admin_api": "is_admin:True",
 
@@ -18,7 +17,7 @@
     "service:index": "rule:admin_api",
     "service:update": "rule:admin_api",
 
-    "share:create": "rule:deny_readonly",
+    "share:create": "",
     "share:delete": "rule:default",
     "share:get": "rule:default",
     "share:get_all": "rule:default",
@@ -72,9 +71,9 @@
     "share_type:default": "rule:default",
     "share_type:create": "rule:admin_api",
     "share_type:delete": "rule:admin_api",
-    "share_type:add_project_access": "rule:admin_api and rule:deny_readonly",
+    "share_type:add_project_access": "rule:admin_api",
     "share_type:list_project_access": "rule:admin_api",
-    "share_type:remove_project_access": "rule:admin_api and rule:deny_readonly",
+    "share_type:remove_project_access": "rule:admin_api",
 
     "share_types_extra_spec:create": "rule:admin_api",
     "share_types_extra_spec:update": "rule:admin_api",
@@ -102,7 +101,7 @@
     "share_network:detail": "rule:default",
     "share_network:show": "rule:default",
     "share_network:add_security_service": "rule:default",
-    "share_network:remove_security_service": "rule:default and rule:deny_readonly",
+    "share_network:remove_security_service": "rule:default",
     "share_network:get_all_share_networks": "rule:admin_api",
 
     "scheduler_stats:pools:index": "rule:admin_api",