Comment 13 for bug 1639220
Revision history for this message
| Ihar Hrachyshka (ihar-hrachyshka) wrote | #13 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
1b1ed1a
(Get the code!)
I don't think we should restrict changing default policy to admins. We don't restrict users from creating a port without a policy right now, and I don't think we should since it's UX feature, not a permission restriction RFE (at least the way it's described right now).
We would need to allow project owners (or whoever is allowed in policy.json) to mark a policy as default. On port/network creation, the value of the default policy will be copied into resource. (I believe we should not track later changes to the default policy since it's potentially disruptive.)
There is a question on what to do if a default policy is removed. I believe then we should unset the default value for all affected projects.
If there is interest in introducing a mechanism to ENFORCE a policy for a project, then it's a different discussion that would require a separate RFE.