Ask Your Question
0

Horizon role based access control with custom roles

asked 2015-09-22 17:25:39 -0500

davidc gravatar image

I'm working on customizing horizon such that there exist custom "pseudo admin" roles in Keystone, that is to say, within Horizon, these custom roles can do some things an admin user can do, but not everything. For example, I want to expose a link within the Admin panel on Horizon side bar to one of these pseudo admin roles but still hide it from all other roles.

A potential solution I came up with was to add this custom role to the admin roles permission. What I mean by that is admin by default has two permissions - openstack.roles._member_ and openstack.roles.admin, so I want to add the permission openstack.roles.mypseudoadmin to admin role, then tag the Admin panel with that permission. That way it will be exposed to and accessible through both the pseudo admin, and admin roles.

Is there a way, through Keystone or Horizon, to add to these permissions for a given role? Or is there a better approach to this?

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted
0

answered 2018-03-07 09:27:12 -0500

okdan gravatar image

Old question...I stumbled upon it when searching for my own question. Just add new roles with the Openstack CLI:

  • openstack role create mypseudoadmin

Then, in your panel code add:

  • permissions = ('openstack.roles.member, openstack.roles.admin, openstack.roles.mypseudoadmin')
edit flag offensive delete link more

Comments

Don't forget to log out, log in to Horizon! It does cache certain things, i.e. tokens even though it's an API. (I thought it could be done on the fly)

okdan gravatar imageokdan ( 2018-03-14 10:05:31 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2015-09-22 17:25:39 -0500

Seen: 689 times

Last updated: Sep 22 '15