Project

Profile

Help

Story #7337

closed

Story #7338: [Epic] As a user, I have pulpcore enforcing Role Based Access Control

As a user, the orphan cleanup endpoint will support Role Based Access Control

Added by bmbouter over 4 years ago. Updated almost 3 years ago.

Status:
CLOSED - DUPLICATE
Priority:
Normal
Assignee:
-
Category:
-
Sprint/Milestone:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Platform Release:
Groomed:
No
Sprint Candidate:
No
Tags:
Sprint:
Quarter:

Description

Ticket moved to GitHub: "pulp/pulpcore/1924":https://github.com/pulp/pulpcore/issues/1924


By default no users will be able to run orphan cleanup. This is reasonable because systems opt-in to RBAC by using non-admin users, so installs with 'admin' users will bypass this default policy.

One new permissions will be created. This will not be associated with any specific model, either a user has it or they don't.

  • ("execute_orphan_cleanup", "Can execute orphan cleanup"),

The orphan cleanup view will require this permission to execute. This view will not provide any queryset filtering as there are no orphan_cleanup views.


Related issues

Blocked by Pulp - Issue #7448: Users or plugin writers cannot create an AccessPolicy instance that does not auto-create permissionsCLOSED - CURRENTRELEASEbmbouterActions

Also available in: Atom PDF