Comment 3 for bug 1152716

Reviewed: https://review.openstack.org/28048
Committed: http://github.com/openstack/glance/commit/cc938e25f3babd8aa1299ae75cc5fa2cf24a00a0
Submitter: Jenkins
Branch: master

commit cc938e25f3babd8aa1299ae75cc5fa2cf24a00a0
Author: Eoghan Glynn <email address hidden>
Date: Wed May 1 15:41:53 2013 +0000

    Use RBAC policy to determine if context is admin.

    Fixes bug 1152716

    If the context roles do not match the configured admin_role,
    fall back to determining if admin via the "context_is_admin"
    RBAC policy rule (for consistency with the approach used by
    the other projects).

    Note this requires that the "context_is_admin" rule *must*
    be set in the policy.json if the out-of-the-box default rule
    is used (as this default is so open, the net effect of omitting
    the "context_is_admin" rule is for every request to acquire
    admin status).

    Change-Id: Ide2cf604b48f24bd759ce2d65091ff546cd9d22e