Add rule for list_groups_for_user in policy.json

Providing an initial policy rule for the list_groups_for_user operation in the sample policy.json file for the ease of configuration. Fixes bug #1167836 Change-Id: Id253729098a95d3b129babde1b3706f409a095dd
author: Liang Chen <cbjchen@cn.ibm.com> 2013-04-11 18:05:00 +0800
committer: Liang Chen <cbjchen@cn.ibm.com> 2013-04-23 17:39:07 +0800
commit: 50073c5a0e00389518ee414e3ef1ef1f5db1676d (patch)
tree: 3bba6c74e2e3f0fc841f6e1ec8e6566505b3b2e6 /etc/policy.json
parent: cbac77110ee1d7b9abc5a23f973dab27e8b32015 (diff)
download: keystone-50073c5a0e00389518ee414e3ef1ef1f5db1676d.tar.gz
keystone-50073c5a0e00389518ee414e3ef1ef1f5db1676d.tar.xz
keystone-50073c5a0e00389518ee414e3ef1ef1f5db1676d.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/etc/policy.json b/etc/policy.json
index 17da8eac..f53161ef 100644
--- a/etc/policy.json
+++ b/etc/policy.json
@@ -38,6 +38,7 @@
 
     "identity:get_group": [["rule:admin_required"]],
     "identity:list_groups": [["rule:admin_required"]],
+    "identity:list_groups_for_user": [["rule:admin_or_owner"]],
     "identity:create_group": [["rule:admin_required"]],
     "identity:update_group": [["rule:admin_required"]],
     "identity:delete_group": [["rule:admin_required"]],
author	Liang Chen <cbjchen@cn.ibm.com>	2013-04-11 18:05:00 +0800
committer	Liang Chen <cbjchen@cn.ibm.com>	2013-04-23 17:39:07 +0800
commit	50073c5a0e00389518ee414e3ef1ef1f5db1676d (patch)
tree	3bba6c74e2e3f0fc841f6e1ec8e6566505b3b2e6 /etc/policy.json
parent	cbac77110ee1d7b9abc5a23f973dab27e8b32015 (diff)
download	keystone-50073c5a0e00389518ee414e3ef1ef1f5db1676d.tar.gz keystone-50073c5a0e00389518ee414e3ef1ef1f5db1676d.tar.xz keystone-50073c5a0e00389518ee414e3ef1ef1f5db1676d.zip