diff options
| author | Vishvananda Ishaya <vishvananda@yahoo.com> | 2010-06-24 04:11:54 +0100 |
|---|---|---|
| committer | andy <github@anarkystic.com> | 2010-06-24 04:11:54 +0100 |
| commit | 28cd0ed991bb7f31495797e25969d325872cd542 (patch) | |
| tree | aebab37e2309cb5bc39d1c27512600ad22980642 /nova/auth | |
| parent | 23733a44c152d6998e5ab3a7a96db9728030f627 (diff) | |
Tests for rbac code
Diffstat (limited to 'nova/auth')
| -rw-r--r-- | nova/auth/users.py | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/nova/auth/users.py b/nova/auth/users.py index 98462b362..f3248166c 100644 --- a/nova/auth/users.py +++ b/nova/auth/users.py @@ -58,6 +58,10 @@ flags.DEFINE_string('role_ldap_subtree', 'ou=Groups,dc=example,dc=com', 'OU for # mapping with these flags is necessary because we're going to tie in to an existing ldap schema flags.DEFINE_string('ldap_cloudadmin', 'cn=cloudadmins,ou=Groups,dc=example,dc=com', 'cn for Cloud Admins') +flags.DEFINE_string('ldap_sysadmin', + 'cn=sysadmins,ou=Groups,dc=example,dc=com', 'cn for Sysadmins') +flags.DEFINE_string('ldap_netadmin', + 'cn=netadmins,ou=Groups,dc=example,dc=com', 'cn for NetAdmins') # a user with one of these roles will be a superuser and have access to all api commands flags.DEFINE_list('superuser_roles', ['cloudadmin'], 'roles that ignore rbac checking completely') |