diff options
author | Zuul <zuul@review.openstack.org> | 2019-03-11 16:42:54 +0000 |
---|---|---|
committer | Gerrit Code Review <review@openstack.org> | 2019-03-11 16:42:54 +0000 |
commit | bc52dba64d3f24d84b608f89d4a2ba139cc3eb79 (patch) | |
tree | f660f84a5766f9b9016a2f70b34439b99b2ba886 | |
parent | 3ba6b40c2795e1c4eadad1c83fff084994f83d89 (diff) | |
parent | 517d8d66c3083bdbe85784ade73d85d0b4ddd83b (diff) | |
download | glance-bc52dba64d3f24d84b608f89d4a2ba139cc3eb79.tar.gz |
Merge "Add an oslo.policy.enforcer entrypoint"
-rw-r--r-- | glance/api/policy.py | 9 | ||||
-rw-r--r-- | setup.cfg | 3 |
2 files changed, 12 insertions, 0 deletions
diff --git a/glance/api/policy.py b/glance/api/policy.py index 67ac14741..2dddeff61 100644 --- a/glance/api/policy.py +++ b/glance/api/policy.py @@ -30,6 +30,7 @@ from glance.i18n import _ LOG = logging.getLogger(__name__) CONF = cfg.CONF +_ENFORCER = None DEFAULT_RULES = policy.Rules.from_dict({ 'context_is_admin': 'role:admin', @@ -89,6 +90,14 @@ class Enforcer(policy.Enforcer): return self.check(context, 'context_is_admin', context.to_dict()) +def get_enforcer(): + CONF([], project='glance') + global _ENFORCER + if _ENFORCER is None: + _ENFORCER = Enforcer() + return _ENFORCER + + class ImageRepoProxy(glance.domain.proxy.Repo): def __init__(self, image_repo, context, policy): @@ -63,6 +63,9 @@ glance.database.migration_backend = glance.database.metadata_backend = sqlalchemy = glance.db.sqlalchemy.metadata +oslo.policy.enforcer = + glance = glance.api.policy:get_enforcer + glance.flows = api_image_import = glance.async_.flows.api_image_import:get_flow import = glance.async_.flows.base_import:get_flow |