)]}'
{"cinder/policies/base.py":[{"author":{"_account_id":27615,"name":"Rajat Dhasmana","email":"rajatdhasmana@gmail.com","username":"whoami-rajat"},"change_message_id":"60becab4235abf865d2d1dabf9e3f45dd19eee40","unresolved":false,"context_lines":[{"line_number":22,"context_line":"SYSTEM_MEMBER \u003d \u0027role:member and system_scope:all\u0027"},{"line_number":23,"context_line":"SYSTEM_READER \u003d \u0027role:reader and system_scope:all\u0027"},{"line_number":24,"context_line":""},{"line_number":25,"context_line":"PROJECT_ADMIN \u003d \u0027role:admin and project_id:%(project_id)s\u0027"},{"line_number":26,"context_line":"PROJECT_MEMBER \u003d \u0027role:member and project_id:%(project_id)s\u0027"},{"line_number":27,"context_line":"PROJECT_READER \u003d \u0027role:reader and project_id:%(project_id)s\u0027"},{"line_number":28,"context_line":""},{"line_number":29,"context_line":"SYSTEM_OR_DOMAIN_OR_PROJECT_ADMIN \u003d \u0027rule:system_or_domain_or_project_admin\u0027"},{"line_number":30,"context_line":"SYSTEM_OR_PROJECT_MEMBER \u003d \u0027(\u0027 + SYSTEM_MEMBER + \u0027) or (\u0027 + PROJECT_MEMBER + \u0027)\u0027"}],"source_content_type":"text/x-python","patch_set":2,"id":"1f621f24_94ef14af","line":27,"range":{"start_line":25,"start_character":0,"end_line":27,"end_character":60},"updated":"2020-11-05 11:31:46.000000000","message":"why we didn\u0027t add the domain roles ? namely,\nDOMAIN_ADMIN\nDOMAIN_MEMBER\nDOMAIN_READER","commit_id":"4ba759d0ba14715bd4f461e25dbf7eec1df73aa1"},{"author":{"_account_id":5046,"name":"Lance Bragstad","email":"lbragstad@redhat.com","username":"ldbragst"},"change_message_id":"d255655852c1507e042779c80f964e66569b48e4","unresolved":false,"context_lines":[{"line_number":22,"context_line":"SYSTEM_MEMBER \u003d \u0027role:member and system_scope:all\u0027"},{"line_number":23,"context_line":"SYSTEM_READER \u003d \u0027role:reader and system_scope:all\u0027"},{"line_number":24,"context_line":""},{"line_number":25,"context_line":"PROJECT_ADMIN \u003d \u0027role:admin and project_id:%(project_id)s\u0027"},{"line_number":26,"context_line":"PROJECT_MEMBER \u003d \u0027role:member and project_id:%(project_id)s\u0027"},{"line_number":27,"context_line":"PROJECT_READER \u003d \u0027role:reader and project_id:%(project_id)s\u0027"},{"line_number":28,"context_line":""},{"line_number":29,"context_line":"SYSTEM_OR_DOMAIN_OR_PROJECT_ADMIN \u003d \u0027rule:system_or_domain_or_project_admin\u0027"},{"line_number":30,"context_line":"SYSTEM_OR_PROJECT_MEMBER \u003d \u0027(\u0027 + SYSTEM_MEMBER + \u0027) or (\u0027 + PROJECT_MEMBER + \u0027)\u0027"}],"source_content_type":"text/x-python","patch_set":2,"id":"1f621f24_9a6e1693","line":27,"range":{"start_line":25,"start_character":0,"end_line":27,"end_character":60},"in_reply_to":"1f621f24_94ef14af","updated":"2020-11-05 19:13:03.000000000","message":"We certainly can if cinder is planning on supporting domain scope. I was hesitant to add them here in this patch because I wasn\u0027t sure if that would be in scope for wallaby.\n\nBased on conversations we had in keystone, and with other projects, system and project user support is more pressing than domain support.\n\nI\u0027m happy to adjust this as necessary though if cinder has other plans. I just didn\u0027t want to add something that wasn\u0027t going to get used right away.\n\nThoughts?","commit_id":"4ba759d0ba14715bd4f461e25dbf7eec1df73aa1"},{"author":{"_account_id":27615,"name":"Rajat Dhasmana","email":"rajatdhasmana@gmail.com","username":"whoami-rajat"},"change_message_id":"ac145c1a3a85b64def819e280f00856b4088393a","unresolved":false,"context_lines":[{"line_number":22,"context_line":"SYSTEM_MEMBER \u003d \u0027role:member and system_scope:all\u0027"},{"line_number":23,"context_line":"SYSTEM_READER \u003d \u0027role:reader and system_scope:all\u0027"},{"line_number":24,"context_line":""},{"line_number":25,"context_line":"PROJECT_ADMIN \u003d \u0027role:admin and project_id:%(project_id)s\u0027"},{"line_number":26,"context_line":"PROJECT_MEMBER \u003d \u0027role:member and project_id:%(project_id)s\u0027"},{"line_number":27,"context_line":"PROJECT_READER \u003d \u0027role:reader and project_id:%(project_id)s\u0027"},{"line_number":28,"context_line":""},{"line_number":29,"context_line":"SYSTEM_OR_DOMAIN_OR_PROJECT_ADMIN \u003d \u0027rule:system_or_domain_or_project_admin\u0027"},{"line_number":30,"context_line":"SYSTEM_OR_PROJECT_MEMBER \u003d \u0027(\u0027 + SYSTEM_MEMBER + \u0027) or (\u0027 + PROJECT_MEMBER + \u0027)\u0027"}],"source_content_type":"text/x-python","patch_set":2,"id":"1f621f24_5d04784a","line":27,"range":{"start_line":25,"start_character":0,"end_line":27,"end_character":60},"in_reply_to":"1f621f24_9a6e1693","updated":"2020-11-05 21:05:05.000000000","message":"Makes sense.\nSince this change is harmless unless used in policies or exposed to user as a rule, i thought it was better to add all combinations but i agree that most of the policies will probably use system or project scope and we can add the domain policies later if needed.","commit_id":"4ba759d0ba14715bd4f461e25dbf7eec1df73aa1"},{"author":{"_account_id":22348,"name":"Zuul","username":"zuul","tags":["SERVICE_USER"]},"tag":"autogenerated:zuul:check","change_message_id":"de3529cc9c06b97e80a69f2e30d6c8ca4202c220","unresolved":false,"context_lines":[{"line_number":27,"context_line":"PROJECT_READER \u003d \u0027role:reader and project_id:%(project_id)s\u0027"},{"line_number":28,"context_line":""},{"line_number":29,"context_line":"SYSTEM_OR_DOMAIN_OR_PROJECT_ADMIN \u003d \u0027rule:system_or_domain_or_project_admin\u0027"},{"line_number":30,"context_line":"SYSTEM_OR_PROJECT_MEMBER \u003d \u0027(\u0027 + SYSTEM_MEMBER + \u0027) or (\u0027 + PROJECT_MEMBER + \u0027)\u0027"},{"line_number":31,"context_line":"SYSTEM_OR_PROJECT_READER \u003d \u0027(\u0027 + SYSTEM_READER + \u0027) or (\u0027 + PROJECT_READER + \u0027)\u0027"},{"line_number":32,"context_line":""},{"line_number":33,"context_line":"rules \u003d ["}],"source_content_type":"text/x-python","patch_set":2,"id":"3f65232a_95cf29af","line":30,"updated":"2020-10-28 03:42:19.000000000","message":"pep8: E501 line too long (80 \u003e 79 characters)","commit_id":"4ba759d0ba14715bd4f461e25dbf7eec1df73aa1"},{"author":{"_account_id":22348,"name":"Zuul","username":"zuul","tags":["SERVICE_USER"]},"tag":"autogenerated:zuul:check","change_message_id":"de3529cc9c06b97e80a69f2e30d6c8ca4202c220","unresolved":false,"context_lines":[{"line_number":28,"context_line":""},{"line_number":29,"context_line":"SYSTEM_OR_DOMAIN_OR_PROJECT_ADMIN \u003d \u0027rule:system_or_domain_or_project_admin\u0027"},{"line_number":30,"context_line":"SYSTEM_OR_PROJECT_MEMBER \u003d \u0027(\u0027 + SYSTEM_MEMBER + \u0027) or (\u0027 + PROJECT_MEMBER + \u0027)\u0027"},{"line_number":31,"context_line":"SYSTEM_OR_PROJECT_READER \u003d \u0027(\u0027 + SYSTEM_READER + \u0027) or (\u0027 + PROJECT_READER + \u0027)\u0027"},{"line_number":32,"context_line":""},{"line_number":33,"context_line":"rules \u003d ["},{"line_number":34,"context_line":"    policy.RuleDefault(\u0027context_is_admin\u0027, \u0027role:admin\u0027,"}],"source_content_type":"text/x-python","patch_set":2,"id":"3f65232a_f5c5bd8f","line":31,"updated":"2020-10-28 03:42:19.000000000","message":"pep8: E501 line too long (80 \u003e 79 characters)","commit_id":"4ba759d0ba14715bd4f461e25dbf7eec1df73aa1"}]}