Add L3 resources to policy.json

This patch adds the l3 resources to policy.json. I tested changing the
rule to rule:admin_only for all the resources added and they were
enforced as expected.

Fixes bug 1186077

Change-Id: Ib5e2879165d9dc6416be4c96c62d6e49452d3be5

diff --git a/etc/policy.json b/etc/policy.json
index d62a724f76ec96b3f2dcf141abf47830deba932f..6e31a33c5694c199acea615440d9f9bf5a578393 100644 (file)
--- a/etc/policy.json
+++ b/etc/policy.json
@@ -73,5 +73,16 @@
     "delete_l3-router": "rule:admin_only",
     "get_l3-routers": "rule:admin_only",
     "get_dhcp-agents": "rule:admin_only",
-    "get_l3-agents": "rule:admin_only"
+    "get_l3-agents": "rule:admin_only",
+
+    "create_router": "rule:regular_user",
+    "get_router": "rule:admin_or_owner",
+    "update_router:add_router_interface": "rule:admin_or_owner",
+    "update_router:remove_router_interface": "rule:admin_or_owner",
+    "delete_router": "rule:admin_or_owner",
+
+    "create_floatingip": "rule:regular_user",
+    "update_floatingip": "rule:admin_or_owner",
+    "delete_floatingip": "rule:admin_or_owner",
+    "get_floatingip": "rule:admin_or_owner"
 }