Comment 0 for bug 1926347

Now that keystone supports system-scope as well as default roles, several upstream OpenStack services are updating their default policies to be more secure [0].

Horizon may need to understand how these services are configured via policy to present the proper panels to certain users (e.g., should the admin panels be presented to project-admins modeling the old behavior or should they only be presented to system-users?)

This bug is to track the work for horizon to evaluate the configuration changes necessary to deploy secure RBAC.

[0] Using system-scope to fix https://bugs.launchpad.net/glance/+bug/968696