I have seen several people request that their users be members of two
"projects" and that they be allow to publish objects that are "Shared" by
multiple "projects".
For some reason the people who request these complex data constructions
always prefer to call the enclosing entity a "project". I have not heard
such a request for multi-tenant objects and/or users.
The important point is that the "mix and match" approach actually creates
complex objects where it is difficult to determine who has the right to
delete them, modify them, change who has access to them, etc. The far
simpler rule
is that all objects/resources have a single owner, whether that owner is
called a "project" or a "tenant".
The term "project", in common english usage, does not have any semantics
implying exclusivity. Indeed we have "Cross project teams" and resources
are commonly shared by multiple projects within one company.
The fact that "projects" are typically things *within* a company is exactly
why it is a poor term for the outermost enclosure of resources.
_______________________________________________
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
