Jump to: navigation, search


Revision as of 23:30, 17 February 2013 by Ryan Lane (talk | contribs) (Text replace - "__NOTOC__" to "")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
  • Launchpad Entry: CeilometerSpec:user-api
  • Created: 26 Nov 2012
  • Contributors: Doug Hellmann


We need an API for non-admin users to be able to query their own data. There isn't really any need for the two APIs to be different, if we check permissions in each API call and always include the user's tenant id in a query when the user is not an admin.

Release Note


User stories

  • As a User, I can query details about my resources
  • As an Admin, I can query details about any resource



All of the API endpoints should check the incoming keystone credentials. If the user is not an admin, the tenant id should be added to the query automatically. If the user is not an admin and they have provided a tenant id in the query spec that does not match their credentials, return a 404.

Admin users should get the behavior the API provides now.


UI Changes

The goal is to keep one set of API endpoints.

Code Changes



Test/Demo Plan

This need not be added or completed until the specification is nearing beta.

Unresolved issues

  1. We may have modify the lookup done by the '/resource/<resource-id>' URL because it does not examine a tenant id right now. What other URLs may have similar issues?
  2. Do we need a special role that gives the equivalent behavior without requiring admin privileges, so the billing system clients don't have to be admins?

BoF agenda and discussion

Use this section to take notes during the BoF; if you keep it in the approved spec, use it for summarising what was discussed and note any options that were rejected.