diff options
| -rw-r--r-- | glance/api/policy.py | 9 | ||||
| -rw-r--r-- | setup.cfg | 3 |
2 files changed, 12 insertions, 0 deletions
diff --git a/glance/api/policy.py b/glance/api/policy.py index 67ac14741..2dddeff61 100644 --- a/glance/api/policy.py +++ b/glance/api/policy.py @@ -30,6 +30,7 @@ from glance.i18n import _ LOG = logging.getLogger(__name__) CONF = cfg.CONF +_ENFORCER = None DEFAULT_RULES = policy.Rules.from_dict({ 'context_is_admin': 'role:admin', @@ -89,6 +90,14 @@ class Enforcer(policy.Enforcer): return self.check(context, 'context_is_admin', context.to_dict()) +def get_enforcer(): + CONF([], project='glance') + global _ENFORCER + if _ENFORCER is None: + _ENFORCER = Enforcer() + return _ENFORCER + + class ImageRepoProxy(glance.domain.proxy.Repo): def __init__(self, image_repo, context, policy): @@ -63,6 +63,9 @@ glance.database.migration_backend = glance.database.metadata_backend = sqlalchemy = glance.db.sqlalchemy.metadata +oslo.policy.enforcer = + glance = glance.api.policy:get_enforcer + glance.flows = api_image_import = glance.async_.flows.api_image_import:get_flow import = glance.async_.flows.base_import:get_flow |