Policy registration in code
There are two issues being addressed here:
Given a deployed policy file it is not trivial to determine how much it differs
from the defaults that a project expects. This is due to there not being an
authoritative place to find all policies and their defaults. Some projects
provide sample files but they're not always exhaustive. And it's not easy to
diff a production policy file against the sample file after extensive
modification.
Given an authenticated request context it is not possible to determine which
policies will pass. This is because policy checks are ad hoc throughout the
code with no central registry of all possible checks. And a policy file may not
have all policies listed as some may be left to fallback to the default rule.
These will be addressed as described in https:/
Blueprint information
- Status:
- Not started
- Approver:
- Davanum Srinivas (DIMS)
- Priority:
- Undefined
- Drafter:
- Andrew Laski
- Direction:
- Approved
- Assignee:
- Andrew Laski
- Definition:
- Approved
- Series goal:
- None
- Implementation:
-
Unknown
- Milestone target:
- None
- Started by
- Completed by
Related branches
Related bugs
Sprints
Whiteboard
Gerrit topic: https:/
Work Items
Dependency tree
* Blueprints in grey have been implemented.
