diff --git a/doc/source/getting-started/policy_mapping.rst b/doc/source/getting-started/policy_mapping.rst index 835e76a50b..b4fb355a15 100644 --- a/doc/source/getting-started/policy_mapping.rst +++ b/doc/source/getting-started/policy_mapping.rst @@ -36,6 +36,8 @@ identity:list_limits GET /v3/limits identity:create_limits POST /v3/limits identity:update_limit PATCH /v3/limits/{limit_id} identity:delete_limit DELETE /v3/limits/{limit_id} +identity:get_limit_model GET /v3/limits/model + HEAD /v3/limits/model identity:get_domain GET /v3/domains/{domain_id} identity:list_domains GET /v3/domains diff --git a/etc/policy.v3cloudsample.json b/etc/policy.v3cloudsample.json index 55f45929d5..7e40f7c957 100644 --- a/etc/policy.v3cloudsample.json +++ b/etc/policy.v3cloudsample.json @@ -34,6 +34,7 @@ "identity:update_registered_limit": "rule:admin_required", "identity:delete_registered_limit": "rule:admin_required", + "identity:get_limit_model": "", "identity:get_limit": "", "identity:list_limits": "", "identity:create_limits": "rule:admin_required", diff --git a/keystone/common/policies/limit.py b/keystone/common/policies/limit.py index 917678bc01..a50e4fd889 100644 --- a/keystone/common/policies/limit.py +++ b/keystone/common/policies/limit.py @@ -15,6 +15,15 @@ from oslo_policy import policy from keystone.common.policies import base limit_policies = [ + policy.DocumentedRuleDefault( + name=base.IDENTITY % 'get_limit_model', + check_str='', + scope_types=['system', 'project'], + description='Get limit enforcement model.', + operations=[{'path': '/v3/limits/model', + 'method': 'GET'}, + {'path': '/v3/limits/model', + 'method': 'HEAD'}]), policy.DocumentedRuleDefault( name=base.IDENTITY % 'get_limit', check_str='',