Improve documentation of what data is used in checks

Bug #1886857 reported by Ben Nemec on 2020-07-08
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Raildo Mascena de Sousa Filho

Bug Description

The examples in the documentation[0] use a number of "magic" values such as project_id and user_id, but don't discuss where they come from or how someone writing a policy would find out all of the values available to them. Further, there is little/no discussion of how to determine what data is available in the target object[1]. I've included a very brief mention of that in [2], but I think it would be good to make it a more prominent part of the docs as it is very important for anyone writing their own policy rules.

1: This is further confused by the fact that "target" is an overloaded term. The docs use it to refer to the name of the rule, while the code uses it to refer to the object being operated on by the API call. We should also address that.

Fix proposed to branch: master

Changed in oslo.policy:
assignee: nobody → Raildo Mascena de Sousa Filho (raildo)
status: Triaged → In Progress
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers