The Policy model object has a lifecycle of its own. This is because this policy object can possibly be used outside the scope of the InstanceGroup effort. Hence I don't see a problem in a policy administrator, or any user, if allowed, to maintain this set of policies outside the scope of InstanceGroups.
However a group author will maintain the InstanceGroupPolicy objects, and refer a policy that is appropriate to his requirement. If a new Policy object needs to be registered for a new requirement, that has to be done by this user, if allowed. About your question regarding dangling references, that situation should not be allowed, hence a delete of the Policy object should not be allowed, if there is some other object referring it. This can be implemented right, by adding a proper association between the models. This way, a generic Policy model can apply to other scenarios that may come up in Openstack. Regards, Yathi. _______________________________________________ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
