Merge "fix: fix policy for all modules"

2022-06-30 10:47:09 +00:00 · 2022-06-30 10:47:09 +00:00 · dc8a730c89
commit dc8a730c89
parent 41eaf509b6 3ed9d74791
146 changed files with 390 additions and 139 deletions
--- a/src/components/Tables/Base/Action/index.jsx
+++ b/src/components/Tables/Base/Action/index.jsx
@ -17,6 +17,7 @@ import checkItemPolicy, { systemRoleIsReader } from 'resources/skyline/policy';
 export async function checkAllowed({
  item,
  policy,
+  aliasPolicy,
  allowed,
  containerProps,
  actionName,
@ -27,6 +28,7 @@ export async function checkAllowed({
  const { enableSystemReader } = action || {};
  const policyResult = checkItemPolicy({
    policy,
+    aliasPolicy,
    item,
    actionName,
    isAdminPage,
@ -57,6 +59,7 @@ export async function getAllowedResults({
    const result = checkAllowed({
      item: data,
      policy: key ? it[key].policy : it.policy,
+      aliasPolicy: key ? it[key].aliasPolicy : it.aliasPolicy,
      allowed: key ? it[key].allowed : it.allowed,
      containerProps,
      actionName: key ? it[key].title : it.title,
@ -72,11 +75,16 @@ export async function getAllowedResults({

 export function getPolicyResults({ actions, extra, isAdminPage }) {
  return actions.map((it) => {
-    const { policy, title, enableSystemReader } = it;
+    const { policy, aliasPolicy, title, enableSystemReader } = it;
    if (isAdminPage && !enableSystemReader && systemRoleIsReader()) {
      return false;
    }
-    const result = checkItemPolicy({ policy, actionName: title, extra });
+    const result = checkItemPolicy({
+      policy,
+      aliasPolicy,
+      actionName: title,
+      extra,
+    });
    return result;
  });
 }
--- a/src/containers/Action/ConfirmAction/index.jsx
+++ b/src/containers/Action/ConfirmAction/index.jsx
@ -91,6 +91,8 @@ export default class ConfirmAction {
  // eslint-disable-next-line no-unused-vars
  policy = '';

+  aliasPolicy = '';
+
  unescape = (message) => unescapeHtml(message);

  getItemId = (data) => data.id;
--- a/src/containers/Action/FormAction/index.jsx
+++ b/src/containers/Action/FormAction/index.jsx
@ -28,6 +28,10 @@ export default class FormAction extends BaseForm {

  static path = '/';

+  static policy = '';
+
+  static aliasPolicy = '';
+
  static allowed() {
    return Promise.resolve();
  }
--- a/src/containers/Action/ModalAction/index.jsx
+++ b/src/containers/Action/ModalAction/index.jsx
@ -26,6 +26,10 @@ export default class ModalAction extends BaseForm {

  static isDanger = false;

+  static policy = '';
+
+  static aliasPolicy = '';
+
  get name() {
    return t('Edit');
  }
--- a/src/containers/Action/StepAction/index.jsx
+++ b/src/containers/Action/StepAction/index.jsx
@ -27,6 +27,10 @@ export default class StepAction extends StepForm {

  static path = '/';

+  static policy = '';
+
+  static aliasPolicy = '';
+
  static get allowed() {
    return Promise.resolve();
  }
--- a/src/containers/List/index.jsx
+++ b/src/containers/List/index.jsx
@ -124,6 +124,10 @@ export default class BaseList extends React.Component {
    return '';
  }

+  get aliasPolicy() {
+    return '';
+  }
+
  get name() {
    return '';
  }
@ -620,7 +624,13 @@ export default class BaseList extends React.Component {
    if (this.endpointError) {
      return;
    }
-    if (!checkItemPolicy({ policy: this.policy, actionName: this.name })) {
+    if (
+      !checkItemPolicy({
+        policy: this.policy,
+        aliasPolicy: this.aliasPolicy,
+        actionName: this.name,
+      })
+    ) {
      const error = {
        message: t("You don't have access to get {name}.", {
          name: this.name.toLowerCase(),
--- a/src/containers/TabDetail/index.jsx
+++ b/src/containers/TabDetail/index.jsx
@ -62,6 +62,14 @@ export default class DetailBase extends React.Component {
    return this.props.match.params.id;
  }

+  get policy() {
+    return '';
+  }
+
+  get aliasPolicy() {
+    return '';
+  }
+
  get name() {
    return '';
  }
@ -252,7 +260,13 @@ export default class DetailBase extends React.Component {
  getRouteProps = () => ({});

  fetchDataWithPolicy = (silent, params) => {
-    if (!checkItemPolicy({ policy: this.policy, actionName: this.name })) {
+    if (
+      !checkItemPolicy({
+        policy: this.policy,
+        aliasPolicy: this.aliasPolicy,
+        actionName: this.name,
+      })
+    ) {
      const error = {
        message: t("You don't have access to get {name}.", {
          name: this.name.toLowerCase(),
--- a/src/locales/en.json
+++ b/src/locales/en.json
@ -176,7 +176,6 @@
  "Auto Scaling": "Auto Scaling",
  "Auto allocate mac address": "Auto allocate mac address",
  "Auto scaling feature will be enabled": "Auto scaling feature will be enabled",
-  "Automatic backup": "Automatic backup",
  "Automatically Assigned Address": "Automatically Assigned Address",
  "Automatically repair unhealhty nodes": "Automatically repair unhealhty nodes",
  "Availability Zone": "Availability Zone",
@ -1366,7 +1365,6 @@
  "Management": "Management",
  "Management Reason": "Management Reason",
  "Manu": "Manu",
-  "Manual backup": "Manual backup",
  "Manual input": "Manual input",
  "Manually Assigned Address": "Manually Assigned Address",
  "Manually Specify": "Manually Specify",
--- a/src/locales/zh.json
+++ b/src/locales/zh.json
@ -176,7 +176,6 @@
  "Auto Scaling": "自动缩放",
  "Auto allocate mac address": "自动分配MAC地址",
  "Auto scaling feature will be enabled": "将启用自动缩放功能",
-  "Automatic backup": "自动备份",
  "Automatically Assigned Address": "自动分配地址",
  "Automatically repair unhealhty nodes": "自动修复不健康的节点",
  "Availability Zone": "可用域",
@ -1366,7 +1365,6 @@
  "Management": "维护",
  "Management Reason": "维护原因",
  "Manu": "手动",
-  "Manual backup": "手动备份",
  "Manual input": "手动输入",
  "Manually Assigned Address": "手动分配地址",
  "Manually Specify": "手动指定",
--- a/src/pages/compute/containers/Hypervisors/Hypervisor/Detail/index.jsx
+++ b/src/pages/compute/containers/Hypervisors/Hypervisor/Detail/index.jsx
@ -25,7 +25,7 @@ export class HypervisorDetail extends Base {
  }

  get policy() {
-    return 'os_compute_api:os-hypervisors';
+    return 'os_compute_api:os-hypervisors:show';
  }

  get listUrl() {
--- a/src/pages/compute/containers/Hypervisors/Hypervisor/index.jsx
+++ b/src/pages/compute/containers/Hypervisors/Hypervisor/index.jsx
@ -26,7 +26,7 @@ export class Hypervisors extends Base {
  }

  get policy() {
-    return 'os_compute_api:os-hypervisors';
+    return 'os_compute_api:os-hypervisors:list';
  }

  get name() {
--- a/src/pages/compute/containers/Instance/Detail/ActionLog/index.jsx
+++ b/src/pages/compute/containers/Instance/Detail/ActionLog/index.jsx
@ -16,6 +16,10 @@ export class ActionLog extends Base {
    return 'request_id';
  }

+  get policy() {
+    return 'os_compute_api:os-instance-actions:list';
+  }
+
  getColumns = () => actionColumn(this);

  get hideSearch() {
--- a/src/pages/compute/containers/Instance/actions/DeleteIronic.jsx
+++ b/src/pages/compute/containers/Instance/actions/DeleteIronic.jsx
@ -37,7 +37,7 @@ export default class Delete extends ConfirmAction {
    return true;
  }

-  policy = 'os_compute_api:os-deferred-delete';
+  policy = 'os_compute_api:os-deferred-delete:force';

  allowedCheckFunc = (item) => {
    if (!item) {
--- a/src/pages/compute/containers/Instance/actions/SoftDelete.jsx
+++ b/src/pages/compute/containers/Instance/actions/SoftDelete.jsx
@ -52,7 +52,7 @@ export default class SoftDelete extends ConfirmAction {

  policy = [
    'os_compute_api:servers:delete',
-    'os_compute_api:os-deferred-delete',
+    'os_compute_api:os-deferred-delete:force',
  ];

  onChangeType(choosed, data) {
--- a/src/pages/configuration/containers/SystemInfo/CinderService/index.jsx
+++ b/src/pages/configuration/containers/SystemInfo/CinderService/index.jsx
@ -32,6 +32,10 @@ export class CinderService extends Base {
    return t('cinder services');
  }

+  get rowKey() {
+    return 'binary';
+  }
+
  get hasTab() {
    return true;
  }
--- a/src/pages/configuration/containers/SystemInfo/HeatService.jsx
+++ b/src/pages/configuration/containers/SystemInfo/HeatService.jsx
@ -24,7 +24,11 @@ export class HeatService extends Base {
  }

  get policy() {
-    return 'services:index';
+    return 'service:index';
+  }
+
+  get aliasPolicy() {
+    return 'heat:service:index';
  }

  get name() {
--- a/src/pages/container-infra/containers/ClusterTemplates/Detail/index.jsx
+++ b/src/pages/container-infra/containers/ClusterTemplates/Detail/index.jsx
@ -30,7 +30,7 @@ export class ClusterTemplateDetail extends Base {
  }

  get policy() {
-    return 'container-infra:clustertemplate:detail';
+    return 'clustertemplate:detail';
  }

  get actionConfigs() {
--- a/src/pages/container-infra/containers/ClusterTemplates/actions/Delete.jsx
+++ b/src/pages/container-infra/containers/ClusterTemplates/actions/Delete.jsx
@ -34,7 +34,7 @@ export default class Delete extends ConfirmAction {
    return t('Delete');
  }

-  policy = 'container-infra:clustertemplate:delete';
+  policy = 'clustertemplate:delete';

  allowedCheckFunc = () => true;

--- a/src/pages/container-infra/containers/ClusterTemplates/actions/Edit.jsx
+++ b/src/pages/container-infra/containers/ClusterTemplates/actions/Edit.jsx
@ -29,7 +29,7 @@ export class Edit extends Base {
    return this.getRoutePath('clusterTemplate');
  }

-  static policy = 'container-infra:clustertemplate:update';
+  static policy = 'clustertemplate:update';

  static path = (item) => {
    const key = 'containerInfraUpdateClusterTemplate';
--- a/src/pages/container-infra/containers/ClusterTemplates/actions/StepCreate/index.jsx
+++ b/src/pages/container-infra/containers/ClusterTemplates/actions/StepCreate/index.jsx
@ -31,7 +31,7 @@ export class StepCreate extends StepAction {

  static path = '/container-infra/cluster-template/create';

-  static policy = 'container-infra:clustertemplate:create';
+  static policy = 'clustertemplate:create';

  static allowed() {
    return Promise.resolve(true);
--- a/src/pages/container-infra/containers/ClusterTemplates/index.jsx
+++ b/src/pages/container-infra/containers/ClusterTemplates/index.jsx
@ -27,7 +27,7 @@ export class ClusterTemplates extends Base {
  }

  get policy() {
-    return 'container-infra:clustertemplate:get_all';
+    return 'clustertemplate:get_all';
  }

  get actionConfigs() {
--- a/src/pages/container-infra/containers/Clusters/Detail/index.jsx
+++ b/src/pages/container-infra/containers/Clusters/Detail/index.jsx
@ -34,7 +34,7 @@ export class ClustersDetail extends Base {
  }

  get policy() {
-    return 'container-infra:cluster:detail';
+    return 'cluster:detail';
  }

  get actionConfigs() {
--- a/src/pages/container-infra/containers/Clusters/actions/Delete.jsx
+++ b/src/pages/container-infra/containers/Clusters/actions/Delete.jsx
@ -36,7 +36,7 @@ export default class DeleteClusters extends ConfirmAction {
    return true;
  }

-  policy = 'container-infra:cluster:delete';
+  policy = 'cluster:delete';

  allowedCheckFunc = () => true;

--- a/src/pages/container-infra/containers/Clusters/actions/Resize.jsx
+++ b/src/pages/container-infra/containers/Clusters/actions/Resize.jsx
@ -23,7 +23,7 @@ export class Resize extends ModalAction {

  static title = t('Resize Cluster');

-  policy = 'container-infra:cluster:resize';
+  policy = 'cluster:resize';

  static allowed() {
    return Promise.resolve(true);
--- a/src/pages/container-infra/containers/Clusters/actions/StepCreate/index.jsx
+++ b/src/pages/container-infra/containers/Clusters/actions/StepCreate/index.jsx
@ -30,7 +30,7 @@ export class StepCreate extends StepAction {

  static path = '/container-infra/clusters/create';

-  static policy = 'container-infra:cluster:create';
+  static policy = 'cluster:create';

  static allowed() {
    return Promise.resolve(true);
--- a/src/pages/container-infra/containers/Clusters/index.jsx
+++ b/src/pages/container-infra/containers/Clusters/index.jsx
@ -29,7 +29,7 @@ export class Clusters extends Base {
  }

  get policy() {
-    return 'container-infra:cluster:get_all';
+    return 'cluster:get_all';
  }

  get actionConfigs() {
--- a/src/pages/container-service/containers/Capsules/Detail/index.jsx
+++ b/src/pages/container-service/containers/Capsules/Detail/index.jsx
@ -32,7 +32,7 @@ export class CapsulesDetail extends Base {
  }

  get policy() {
-    return 'container:capsule:get_one_all_projects';
+    return 'capsule:get_one_all_projects';
  }

  get detailInfos() {
--- a/src/pages/container-service/containers/Capsules/actions/Create.jsx
+++ b/src/pages/container-service/containers/Capsules/actions/Create.jsx
@ -38,7 +38,7 @@ export class Create extends ModalAction {
    return t('Create Capsule');
  }

-  static policy = 'container:capsule:create';
+  static policy = 'capsule:create';

  get formItems() {
    return [
--- a/src/pages/container-service/containers/Capsules/actions/Delete.jsx
+++ b/src/pages/container-service/containers/Capsules/actions/Delete.jsx
@ -34,7 +34,7 @@ export default class DeleteCapsule extends ConfirmAction {
    return true;
  }

-  policy = 'container:capsule:delete';
+  policy = 'capsule:delete';

  allowedCheckFunc = () => true;

--- a/src/pages/container-service/containers/Capsules/index.jsx
+++ b/src/pages/container-service/containers/Capsules/index.jsx
@ -29,7 +29,7 @@ export class Capsules extends Base {
  }

  get policy() {
-    return 'container:capsule:get_all';
+    return 'capsule:get_all';
  }

  get actionConfigs() {
--- a/src/pages/container-service/containers/Containers/Detail/index.jsx
+++ b/src/pages/container-service/containers/Containers/Detail/index.jsx
@ -31,7 +31,7 @@ export class ContainerDetail extends Base {
  }

  get policy() {
-    return 'container:container:get_one';
+    return 'container:get_one';
  }

  get actionConfigs() {
--- a/src/pages/container-service/containers/Containers/actions/Delete.jsx
+++ b/src/pages/container-service/containers/Containers/actions/Delete.jsx
@ -37,7 +37,9 @@ export default class DeleteContainer extends ConfirmAction {
    return t('Delete');
  }

-  policy = 'container:container:delete';
+  policy = 'container:delete';
+
+  aliasPolicy = 'zun:container:delete';

  allowedCheckFunc = (item) => checkItemAction(item, 'delete');

--- a/src/pages/container-service/containers/Containers/actions/Edit.jsx
+++ b/src/pages/container-service/containers/Containers/actions/Edit.jsx
@ -22,7 +22,9 @@ export class EditContainer extends ModalAction {

  static buttonText = t('Edit');

-  static policy = 'container:container:update';
+  static policy = 'container:update';
+
+  static aliasPolicy = 'zun:container:update';

  static allowed = (item) => checkItemAction(item, 'update');

--- a/src/pages/container-service/containers/Containers/actions/ExecuteCommand.jsx
+++ b/src/pages/container-service/containers/Containers/actions/ExecuteCommand.jsx
@ -25,7 +25,9 @@ export class ExecuteCommandContainer extends ModalAction {

  static buttonText = t('Execute Command');

-  static policy = 'container:container:execute';
+  static policy = 'container:execute';
+
+  static aliasPolicy = 'zun:container:execute';

  static allowed = (item) => checkItemAction(item, 'execute');

--- a/src/pages/container-service/containers/Containers/actions/ForceDelete.jsx
+++ b/src/pages/container-service/containers/Containers/actions/ForceDelete.jsx
@ -31,7 +31,9 @@ export default class ForceDeleteContainer extends ConfirmAction {
    return t('Force Delete');
  }

-  policy = 'container:container:delete_force';
+  policy = 'container:delete_force';
+
+  aliasPolicy = 'zun:container:delete_force';

  allowedCheckFunc = (item) => checkItemAction(item, 'delete_force');

--- a/src/pages/container-service/containers/Containers/actions/Kill.jsx
+++ b/src/pages/container-service/containers/Containers/actions/Kill.jsx
@ -22,7 +22,9 @@ export class KillContainer extends ModalAction {

  static buttonText = t('Kill');

-  static policy = 'container:container:kill';
+  static policy = 'container:kill';
+
+  static aliasPolicy = 'zun:container:kill';

  static allowed = (item) => checkItemAction(item, 'kill');

--- a/src/pages/container-service/containers/Containers/actions/Pause.jsx
+++ b/src/pages/container-service/containers/Containers/actions/Pause.jsx
@ -31,7 +31,9 @@ export default class PauseContainer extends ConfirmAction {
    return t('Pause');
  }

-  policy = 'container:container:pause';
+  policy = 'container:pause';
+
+  aliasPolicy = 'zun:container:pause';

  allowedCheckFunc = (item) => checkItemAction(item, 'pause');

--- a/src/pages/container-service/containers/Containers/actions/Reboot.jsx
+++ b/src/pages/container-service/containers/Containers/actions/Reboot.jsx
@ -31,7 +31,9 @@ export default class RebootContainer extends ConfirmAction {
    return t('Reboot');
  }

-  policy = 'container:container:reboot';
+  policy = 'container:reboot';
+
+  aliasPolicy = 'zun:container:reboot';

  allowedCheckFunc = (item) => checkItemAction(item, 'reboot');

--- a/src/pages/container-service/containers/Containers/actions/Rebuild.jsx
+++ b/src/pages/container-service/containers/Containers/actions/Rebuild.jsx
@ -22,7 +22,9 @@ export class RebuildContainer extends ModalAction {

  static buttonText = t('Rebuild');

-  static policy = 'container:container:rebuild';
+  static policy = 'container:rebuild';
+
+  aliasPolicy = 'zun:container:rebuild';

  static allowed = (item) => checkItemAction(item, 'rebuild');

--- a/src/pages/container-service/containers/Containers/actions/Start.jsx
+++ b/src/pages/container-service/containers/Containers/actions/Start.jsx
@ -31,7 +31,9 @@ export default class StartContainer extends ConfirmAction {
    return t('Start');
  }

-  policy = 'container:container:start';
+  policy = 'container:start';
+
+  aliasPolicy = 'zun:container:start';

  allowedCheckFunc = (item) => checkItemAction(item, 'start');

--- a/src/pages/container-service/containers/Containers/actions/StepCreate/index.jsx
+++ b/src/pages/container-service/containers/Containers/actions/StepCreate/index.jsx
@ -30,7 +30,9 @@ export class StepCreate extends StepAction {

  static path = '/container/containers/create';

-  static policy = 'container:container:create';
+  static policy = 'container:create';
+
+  static aliasPolicy = 'zun:container:create';

  static allowed() {
    return Promise.resolve(true);
--- a/src/pages/container-service/containers/Containers/actions/Stop.jsx
+++ b/src/pages/container-service/containers/Containers/actions/Stop.jsx
@ -33,7 +33,9 @@ export default class StopContainer extends ConfirmAction {
    return t('Stop');
  }

-  policy = 'container:container:stop';
+  policy = 'container:stop';
+
+  aliasPolicy = 'zun:container:stop';

  allowedCheckFunc = (item) => checkItemAction(item, 'stop');

--- a/src/pages/container-service/containers/Containers/actions/Unpause.jsx
+++ b/src/pages/container-service/containers/Containers/actions/Unpause.jsx
@ -33,7 +33,9 @@ export default class UnpauseContainer extends ConfirmAction {
    return t('Unpause');
  }

-  policy = 'container:container:unpause';
+  policy = 'container:unpause';
+
+  aliasPolicy = 'zun:container:unpause';

  allowedCheckFunc = (item) => checkItemAction(item, 'unpause');

--- a/src/pages/container-service/containers/Containers/index.jsx
+++ b/src/pages/container-service/containers/Containers/index.jsx
@ -29,7 +29,7 @@ export class Containers extends Base {
  }

  get policy() {
-    return 'container:container:get_all';
+    return 'container:get_all';
  }

  get actionConfigs() {
--- a/src/pages/container-service/containers/Hosts/Detail/index.jsx
+++ b/src/pages/container-service/containers/Hosts/Detail/index.jsx
@ -29,7 +29,7 @@ export class HostsDetail extends Base {
  }

  get policy() {
-    return 'container:host:get';
+    return 'host:get';
  }

  get detailInfos() {
--- a/src/pages/container-service/containers/Hosts/index.jsx
+++ b/src/pages/container-service/containers/Hosts/index.jsx
@ -29,7 +29,7 @@ export class Hosts extends Base {
  }

  get policy() {
-    return 'container:host:get_all';
+    return 'host:get_all';
  }

  getColumns = () => [
--- a/src/pages/database/containers/Backups/Detail/index.jsx
+++ b/src/pages/database/containers/Backups/Detail/index.jsx
@ -31,7 +31,7 @@ export class BackupsDetail extends Base {
  }

  get policy() {
-    return 'trove:backup:show';
+    return 'backup:show';
  }

  get detailInfos() {
--- a/src/pages/database/containers/Backups/actions/Create.jsx
+++ b/src/pages/database/containers/Backups/actions/Create.jsx
@ -39,7 +39,9 @@ export class Create extends ModalAction {
    return t('Create Backups');
  }

-  static policy = 'trove:backup:create';
+  static policy = 'backup:create';
+
+  static aliasPolicy = 'trove:backup:create';

  static allowed() {
    return Promise.resolve(true);
--- a/src/pages/database/containers/Backups/actions/Delete.jsx
+++ b/src/pages/database/containers/Backups/actions/Delete.jsx
@ -34,7 +34,7 @@ export default class Delete extends ConfirmAction {

  allowedCheckFunction = () => true;

-  policy = 'trove:instance:delete';
+  policy = 'instance:delete';

  onSubmit = (item) => {
    return globalBackupsStore.delete({ id: item.id });
--- a/src/pages/database/containers/Backups/index.jsx
+++ b/src/pages/database/containers/Backups/index.jsx
@ -32,7 +32,7 @@ export class Backups extends Base {
  }

  get policy() {
-    return 'trove:backup:index';
+    return 'backup:index';
  }

  get searchFilters() {
--- a/src/pages/database/containers/Configurations/Detail/index.jsx
+++ b/src/pages/database/containers/Configurations/Detail/index.jsx
@ -33,7 +33,7 @@ export class ConfigurationsDetail extends Base {
  }

  get policy() {
-    return 'trove:configuration:show';
+    return 'configuration:show';
  }

  get detailInfos() {
--- a/src/pages/database/containers/Configurations/actions/Create.jsx
+++ b/src/pages/database/containers/Configurations/actions/Create.jsx
@ -41,7 +41,7 @@ export class Create extends ModalAction {
    return t('Create Configurations');
  }

-  static policy = 'trove:configuration:create';
+  static policy = 'configuration:create';

  static allowed() {
    return Promise.resolve(true);
--- a/src/pages/database/containers/Configurations/actions/Delete.jsx
+++ b/src/pages/database/containers/Configurations/actions/Delete.jsx
@ -34,7 +34,7 @@ export default class Delete extends ConfirmAction {

  allowedCheckFunction = () => true;

-  policy = 'trove:instance:delete';
+  policy = 'instance:delete';

  onSubmit = (item) => {
    return globalConfigurationsStore.delete({ id: item.id });
--- a/src/pages/database/containers/Configurations/index.jsx
+++ b/src/pages/database/containers/Configurations/index.jsx
@ -32,7 +32,7 @@ export class Configurations extends Base {
  }

  get policy() {
-    return 'trove:configuration:index';
+    return 'configuration:index';
  }

  get searchFilters() {
--- a/src/pages/database/containers/Instances/Detail/Backups.jsx
+++ b/src/pages/database/containers/Instances/Detail/Backups.jsx
@ -26,7 +26,7 @@ export class Backups extends Base {
  }

  get policy() {
-    return 'trove:instance:backups';
+    return 'instance:backups';
  }

  getColumns = () => {
--- a/src/pages/database/containers/Instances/Detail/DatabaseCreate.jsx
+++ b/src/pages/database/containers/Instances/Detail/DatabaseCreate.jsx
@ -29,7 +29,7 @@ export class DatabaseCreate extends ModalAction {
    return t('Create Database');
  }

-  static policy = 'trove:instance:extension:database:create';
+  static policy = 'instance:extension:database:create';

  static allowed() {
    return Promise.resolve(true);
--- a/src/pages/database/containers/Instances/Detail/DatabaseDelete.jsx
+++ b/src/pages/database/containers/Instances/Detail/DatabaseDelete.jsx
@ -38,7 +38,7 @@ export default class DatabaseDelete extends ConfirmAction {

  allowedCheckFunction = () => true;

-  policy = 'trove:instance:extension:database:delete';
+  policy = 'instance:extension:database:delete';

  onSubmit = (item) => {
    const { id } = this.containerProps.detail;
--- a/src/pages/database/containers/Instances/Detail/Databases.jsx
+++ b/src/pages/database/containers/Instances/Detail/Databases.jsx
@ -31,6 +31,10 @@ export class Databases extends Base {
  }

  get policy() {
+    return 'instance:detail';
+  }
+
+  get aliasPolicy() {
    return 'trove:instance:detail';
  }

--- a/src/pages/database/containers/Instances/Detail/Logs.jsx
+++ b/src/pages/database/containers/Instances/Detail/Logs.jsx
@ -26,7 +26,7 @@ export class Logs extends Base {
  }

  get policy() {
-    return 'trove:instance:guest_log_list';
+    return 'instance:guest_log_list';
  }

  getColumns = () => {
--- a/src/pages/database/containers/Instances/Detail/UserCreate.jsx
+++ b/src/pages/database/containers/Instances/Detail/UserCreate.jsx
@ -33,7 +33,7 @@ export class UserCreate extends ModalAction {
    return t('Create User');
  }

-  static policy = 'trove:instance:extension:user:create';
+  static policy = 'instance:extension:user:create';

  static allowed() {
    return Promise.resolve(true);
--- a/src/pages/database/containers/Instances/Detail/UserDelete.jsx
+++ b/src/pages/database/containers/Instances/Detail/UserDelete.jsx
@ -38,7 +38,7 @@ export default class UserDelete extends ConfirmAction {

  allowedCheckFunction = () => true;

-  policy = 'trove:instance:extension:user:delete';
+  policy = 'instance:extension:user:delete';

  onSubmit = (item) => {
    const { id } = this.containerProps.detail;
--- a/src/pages/database/containers/Instances/Detail/Users.jsx
+++ b/src/pages/database/containers/Instances/Detail/Users.jsx
@ -38,7 +38,7 @@ export class Users extends Base {
  }

  get policy() {
-    return 'trove:instance:extension:user:index';
+    return 'instance:extension:user:index';
  }

  get hideCustom() {
--- a/src/pages/database/containers/Instances/Detail/index.jsx
+++ b/src/pages/database/containers/Instances/Detail/index.jsx
@ -33,6 +33,10 @@ export class InstancesDetail extends Base {
  }

  get policy() {
+    return 'instance:detail';
+  }
+
+  get aliasPolicy() {
    return 'trove:instance:detail';
  }

--- a/src/pages/database/containers/Instances/actions/Delete.jsx
+++ b/src/pages/database/containers/Instances/actions/Delete.jsx
@ -34,7 +34,7 @@ export default class Delete extends ConfirmAction {

  allowedCheckFunction = () => true;

-  policy = 'trove:instance:delete';
+  policy = 'instance:delete';

  onSubmit = (item) => {
    return globalInstancesStore.delete({ id: item.id });
--- a/src/pages/database/containers/Instances/actions/StepCreate/index.jsx
+++ b/src/pages/database/containers/Instances/actions/StepCreate/index.jsx
@ -31,7 +31,7 @@ export class StepCreate extends StepAction {

  static path = '/database/instances/create';

-  static policy = 'trove:instance:create';
+  static policy = 'instance:create';

  static allowed() {
    return Promise.resolve(true);
--- a/src/pages/database/containers/Instances/index.jsx
+++ b/src/pages/database/containers/Instances/index.jsx
@ -33,6 +33,10 @@ export class Instances extends Base {
  }

  get policy() {
+    return 'instance:index';
+  }
+
+  get aliasPolicy() {
    return 'trove:instance:index';
  }

--- a/src/pages/heat/containers/Stack/Detail/Event.jsx
+++ b/src/pages/heat/containers/Stack/Detail/Event.jsx
@ -27,6 +27,10 @@ export class Event extends Base {
    return 'events:index';
  }

+  get aliasPolicy() {
+    return 'heat:events:index';
+  }
+
  get name() {
    return t('stack events');
  }
--- a/src/pages/management/containers/RecycleBin/actions/Delete.jsx
+++ b/src/pages/management/containers/RecycleBin/actions/Delete.jsx
@ -36,7 +36,7 @@ export default class Delete extends ConfirmAction {
    return true;
  }

-  policy = 'os_compute_api:os-deferred-delete';
+  policy = 'os_compute_api:os-deferred-delete:force';

  allowedCheckFunc = (item) => {
    if (!item) {
--- a/src/pages/management/containers/RecycleBin/actions/Recover.jsx
+++ b/src/pages/management/containers/RecycleBin/actions/Recover.jsx
@ -36,7 +36,7 @@ export default class Recover extends ConfirmAction {
    return true;
  }

-  policy = 'os_compute_api:os-deferred-delete';
+  policy = 'os_compute_api:os-deferred-delete:restore';

  allowedCheckFunc = (item) => {
    if (!item) {
--- a/src/pages/network/containers/Certificate/Certificate.jsx
+++ b/src/pages/network/containers/Certificate/Certificate.jsx
@ -36,6 +36,10 @@ export class Certificate extends Base {
  }

  get policy() {
+    return ['containers:get', 'secrets:get'];
+  }
+
+  get aliasPolicy() {
    return ['barbican:containers:get', 'barbican:secrets:get'];
  }

--- a/src/pages/network/containers/Certificate/Detail/Container/index.jsx
+++ b/src/pages/network/containers/Certificate/Detail/Container/index.jsx
@ -25,6 +25,10 @@ export class Detail extends Base {
  }

  get policy() {
+    return 'container:get';
+  }
+
+  get aliasPolicy() {
    return 'barbican:container:get';
  }

--- a/src/pages/network/containers/Certificate/Detail/Secret/index.jsx
+++ b/src/pages/network/containers/Certificate/Detail/Secret/index.jsx
@ -25,7 +25,7 @@ export class Detail extends Base {
  }

  get policy() {
-    return 'barbican:secret:get';
+    return 'secret:get';
  }

  get name() {
--- a/src/pages/network/containers/Certificate/actions/Create.jsx
+++ b/src/pages/network/containers/Certificate/actions/Create.jsx
@ -30,7 +30,7 @@ export class CreateAction extends ModalAction {

  static title = t('Create Certificate');

-  static policy = ['barbican:secrets:post', 'barbican:containers:post'];
+  static policy = ['secrets:post', 'containers:post'];

  init() {
    this.store = globalContainersStore;
--- a/src/pages/network/containers/Certificate/actions/DeleteContainer.jsx
+++ b/src/pages/network/containers/Certificate/actions/DeleteContainer.jsx
@ -36,7 +36,9 @@ export default class DeleteAction extends ConfirmAction {
    return t('delete certificate');
  }

-  policy = ['barbican:secret:delete', 'barbican:container:delete'];
+  policy = ['secret:delete', 'container:delete'];
+
+  aliasPolicy = ['barbican:secret:delete', 'barbican:container:delete'];

  allowedCheckFunc = (item) => !item.listener;

--- a/src/pages/network/containers/Certificate/actions/DeleteSecret.jsx
+++ b/src/pages/network/containers/Certificate/actions/DeleteSecret.jsx
@ -36,7 +36,7 @@ export default class DeleteAction extends ConfirmAction {
    return t('delete certificate');
  }

-  policy = 'barbican:secret:delete';
+  policy = 'secret:delete';

  allowedCheckFunc = (item) => !item.listener;

--- a/src/pages/network/containers/QoSPolicy/Detail/index.jsx
+++ b/src/pages/network/containers/QoSPolicy/Detail/index.jsx
@ -28,6 +28,10 @@ export class QoSPolicyDetail extends Base {
    return 'get_policy';
  }

+  get aliasPolicy() {
+    return 'neutron:get_policy';
+  }
+
  get listUrl() {
    return this.getRoutePath('networkQos');
  }
--- a/src/pages/network/containers/QoSPolicy/QoSPolicy.jsx
+++ b/src/pages/network/containers/QoSPolicy/QoSPolicy.jsx
@ -66,6 +66,10 @@ export class QoSPolicy extends Base {
    return 'get_policy';
  }

+  get aliasPolicy() {
+    return 'neutron:get_policy';
+  }
+
  get name() {
    return t('QoS policies');
  }
--- a/src/pages/network/containers/QoSPolicy/actions/Create.jsx
+++ b/src/pages/network/containers/QoSPolicy/actions/Create.jsx
@ -22,14 +22,14 @@ export class Create extends ModalAction {

  static title = t('Create QoS Policy');

-  policy = () => 'create_policy';
-
  get name() {
    return t('Create QoS Policy');
  }

  static policy = 'create_policy';

+  static aliasPolicy = 'neutron:create_policy';
+
  static allowed = () => Promise.resolve(true);

  init() {
--- a/src/pages/network/containers/QoSPolicy/actions/Delete.jsx
+++ b/src/pages/network/containers/QoSPolicy/actions/Delete.jsx
@ -38,6 +38,8 @@ export default class DeleteAction extends ConfirmAction {

  policy = 'delete_policy';

+  aliasPolicy = 'neutron:delete_policy';
+
  allowedCheckFunc = (item) => {
    if (!item) {
      return true;
--- a/src/pages/network/containers/QoSPolicy/actions/Edit.jsx
+++ b/src/pages/network/containers/QoSPolicy/actions/Edit.jsx
@ -29,6 +29,8 @@ export class Edit extends ModalAction {

  static policy = 'update_policy';

+  static aliasPolicy = 'neutron:update_policy';
+
  static allowed = () => Promise.resolve(true);

  init() {
--- a/src/pages/network/containers/VPN/EndpointGroup/actions/Create.js
+++ b/src/pages/network/containers/VPN/EndpointGroup/actions/Create.js
@ -35,6 +35,8 @@ export class Create extends ModalAction {

  static policy = 'create_endpoint_group';

+  static aliasPolicy = 'neutron:create_endpoint_group';
+
  static allowed = () => Promise.resolve(true);

  get name() {
--- a/src/pages/network/containers/VPN/EndpointGroup/actions/Delete.jsx
+++ b/src/pages/network/containers/VPN/EndpointGroup/actions/Delete.jsx
@ -41,6 +41,8 @@ export default class DeleteAction extends ConfirmAction {

  policy = 'delete_endpoint_group';

+  aliasPolicy = 'neutron:delete_endpoint_group';
+
  allowedCheckFunc = (item) => {
    if (!item) {
      return true;
--- a/src/pages/network/containers/VPN/EndpointGroup/actions/Edit.js
+++ b/src/pages/network/containers/VPN/EndpointGroup/actions/Edit.js
@ -25,6 +25,8 @@ export class Edit extends ModalAction {

  static policy = 'update_endpoint_group';

+  static aliasPolicy = 'neutron:update_endpoint_group';
+
  static allowed = () => Promise.resolve(true);

  get defaultValue() {
--- a/src/pages/network/containers/VPN/EndpointGroup/index.jsx
+++ b/src/pages/network/containers/VPN/EndpointGroup/index.jsx
@ -40,6 +40,10 @@ export class EndpointGroup extends Base {
    return 'get_endpoint_group';
  }

+  get aliasPolicy() {
+    return 'neutron:get_endpoint_group';
+  }
+
  get name() {
    return t('vpn endpoint groups');
  }
--- a/src/pages/share/containers/Share/Detail/AccessRule/actions/Create.jsx
+++ b/src/pages/share/containers/Share/Detail/AccessRule/actions/Create.jsx
@ -51,7 +51,7 @@ export class Create extends ModalAction {
    this.store = globalShareAccessRuleStore;
  }

-  static policy = 'manila:share:allow_access';
+  static policy = 'share:allow_access';

  static allowed = () => Promise.resolve(true);

--- a/src/pages/share/containers/Share/Detail/AccessRule/actions/Delete.jsx
+++ b/src/pages/share/containers/Share/Detail/AccessRule/actions/Delete.jsx
@ -36,7 +36,7 @@ export default class Delete extends ConfirmAction {
    return t('Delete Share Access Rule');
  }

-  policy = 'manila:share:deny_access';
+  policy = 'share:deny_access';

  onSubmit = (data, containerProps) => {
    const { detail: { id } = {} } = containerProps;
--- a/src/pages/share/containers/Share/Detail/AccessRule/actions/ManageMetadata.jsx
+++ b/src/pages/share/containers/Share/Detail/AccessRule/actions/ManageMetadata.jsx
@ -39,8 +39,8 @@ export class ManageMetadata extends ModalAction {
  }

  static policy = [
-    'manila:share_access_metadata:update',
-    'manila:share_access_metadata:delete',
+    'share_access_metadata:update',
+    'share_access_metadata:delete',
  ];

  static allowed = () => Promise.resolve(true);
--- a/src/pages/share/containers/Share/Detail/AccessRule/index.jsx
+++ b/src/pages/share/containers/Share/Detail/AccessRule/index.jsx
@ -25,7 +25,7 @@ export class ShareAccessRule extends Base {
  }

  get policy() {
-    return 'manila:share_access_rule:index';
+    return 'share_access_rule:index';
  }

  get name() {
--- a/src/pages/share/containers/Share/Detail/Metadata/actions/Create.jsx
+++ b/src/pages/share/containers/Share/Detail/Metadata/actions/Create.jsx
@ -25,7 +25,7 @@ export class Create extends ModalAction {
    return t('Create Share Metadata');
  }

-  static policy = 'manila:share:update_share_metadata';
+  static policy = 'share:update_share_metadata';

  static allowed = () => Promise.resolve(true);

--- a/src/pages/share/containers/Share/Detail/Metadata/actions/Delete.jsx
+++ b/src/pages/share/containers/Share/Detail/Metadata/actions/Delete.jsx
@ -36,7 +36,7 @@ export default class Delete extends ConfirmAction {
    return t('Delete Share Metadata');
  }

-  policy = 'manila:share:delete_share_metadata';
+  policy = 'share:delete_share_metadata';

  allowedCheckFunc = () => true;

--- a/src/pages/share/containers/Share/Detail/Metadata/actions/Edit.jsx
+++ b/src/pages/share/containers/Share/Detail/Metadata/actions/Edit.jsx
@ -40,7 +40,7 @@ export class Edit extends ModalAction {
    return defaultValue;
  }

-  static policy = 'manila:share:update_share_metadata';
+  static policy = 'share:update_share_metadata';

  static allowed = () => Promise.resolve(true);

--- a/src/pages/share/containers/Share/Detail/Metadata/index.jsx
+++ b/src/pages/share/containers/Share/Detail/Metadata/index.jsx
@ -24,7 +24,7 @@ export class Metadata extends Base {
  }

  get policy() {
-    return 'manila:share:get_share_metadata';
+    return 'share:get_share_metadata';
  }

  get name() {
--- a/src/pages/share/containers/Share/Detail/index.jsx
+++ b/src/pages/share/containers/Share/Detail/index.jsx
@ -27,7 +27,7 @@ export class Detail extends Base {
  }

  get policy() {
-    return 'manila:share:get';
+    return 'share:get';
  }

  get listUrl() {
--- a/src/pages/share/containers/Share/actions/Create.jsx
+++ b/src/pages/share/containers/Share/actions/Create.jsx
@ -70,7 +70,7 @@ export class Create extends FormAction {
    this.state.shareGroups = [];
  }

-  static policy = 'manila:share:create';
+  static policy = 'share:create';

  static allowed = () => Promise.resolve(true);

--- a/src/pages/share/containers/Share/actions/Delete.jsx
+++ b/src/pages/share/containers/Share/actions/Delete.jsx
@ -36,7 +36,7 @@ export default class Delete extends ConfirmAction {
    return t('Delete Share');
  }

-  policy = 'manila:share:delete';
+  policy = 'share:delete';

  allowedCheckFunc = (item) => {
    return this.isAdminPage || item.isMine;
--- a/src/pages/share/containers/Share/actions/Edit.jsx
+++ b/src/pages/share/containers/Share/actions/Edit.jsx
@ -32,7 +32,7 @@ export class Edit extends ModalAction {
    return value;
  }

-  static policy = 'manila:share:update';
+  static policy = 'share:update';

  static allowed = (item) => Promise.resolve(item.isMine);

--- a/src/pages/share/containers/Share/actions/Extend.jsx
+++ b/src/pages/share/containers/Share/actions/Extend.jsx
@ -34,7 +34,7 @@ export class ExtendShare extends ModalAction {
    return value;
  }

-  static policy = 'manila:share:extend';
+  static policy = 'share:extend';

  static allowed = (item) => Promise.resolve(item.isMine);

--- a/src/pages/share/containers/Share/actions/ManageAccessRule.jsx
+++ b/src/pages/share/containers/Share/actions/ManageAccessRule.jsx
@ -36,7 +36,7 @@ export class ManageAccessRule extends FormAction {
    return t('Manage Access Rule');
  }

-  static policy = 'manila:share_access_rule:index';
+  static policy = 'share_access_rule:index';

  static allowed = (item) => Promise.resolve(item.isMine);
 }
--- a/src/pages/share/containers/Share/actions/ManageMetadata.jsx
+++ b/src/pages/share/containers/Share/actions/ManageMetadata.jsx
@ -36,7 +36,7 @@ export class ManageMetadata extends FormAction {
    return t('Manage Metadata');
  }

-  static policy = 'manila:share:update_share_metadata';
+  static policy = 'share:update_share_metadata';

  static allowed = (item) => Promise.resolve(item.isMine);
 }
--- a/src/pages/share/containers/Share/actions/ResetStatus.jsx
+++ b/src/pages/share/containers/Share/actions/ResetStatus.jsx
@ -36,7 +36,7 @@ export class ResetStatus extends ModalAction {
    return value;
  }

-  static policy = 'manila:share:reset_status';
+  static policy = 'share:reset_status';

  static allowed = () => Promise.resolve(true);

--- a/Show More
+++ b/Show More