Get Onezone policies.
Returns restrictions placed on Onezone operations such as registering Oneproviders.
Request Examples
onepanel-rest-cli -u onepanel:$PASSPHRASE getZonePolicies --host https://$HOST:9443Responses
Onezone policies configuration.
| Property | Type & Description |
|---|---|
oneproviderRegistration string Indicates policy enforced during provider registration. Possible options are: open - anyone can acquire a registration token and register a new Oneprovider restricted - requires an administrative privilege 'oz_providers_invite' to generate a Oneprovider registration token. The token can be issued for someone else. Enum: openrestricted | |
subdomainDelegation boolean If true, Oneproviders are allowed to request subdomains of the Onezone domain for use as their domains. | |
guiPackageVerification boolean When this value is true, GUI packages uploaded by services operating under Onezone or by harvester admins are checked against known SHA-256 checksums using the compatibility registry. Setting this value to false disables the verification. WARNING: disabling GUI package verification poses a severe security threat, allowing Oneprovider owners to upload arbitrary GUI to Onezone (which is then hosted in Onezone's domain). | |
harvesterGuiPackageVerification boolean This policy can be used to disable GUI package verification for harvester plugins only. See "guiPackageVerification" for detailed description. This setting has no effect if "guiPackageVerification" is set to false. | |
Example
{
"subdomainDelegation": true,
"guiPackageVerification": true,
"harvesterGuiPackageVerification": false
}Forbidden request.
Onezone cluster is not configured.
Internal server error.
| Property | Type & Description | ||||||
|---|---|---|---|---|---|---|---|
error object Object describing an error.
| |||||||
Example
{
"error": {
"id": "badValueString",
"details": {
"key": "name"
},
"description": "Bad value: provided \"name\" must be a string."
}
}