diff options
author | Zuul <zuul@review.opendev.org> | 2020-04-09 07:30:56 +0000 |
---|---|---|
committer | Gerrit Code Review <review@openstack.org> | 2020-04-09 07:30:56 +0000 |
commit | 30121e3e0adcc44d23d95ccde25a7f38d9a7c18f (patch) | |
tree | 9b885d528c84d4db34a7c5ef3a561dca0efecf95 | |
parent | 59f287935e39f9d8d4cca3236e8e25ad158c1a3c (diff) | |
parent | cf6bc991e5133abdece81a57712b3037822eea3e (diff) | |
download | horizon-30121e3e0adcc44d23d95ccde25a7f38d9a7c18f.tar.gz |
Merge "Authenticate before Authorization" into stable/train
-rw-r--r-- | horizon/base.py | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/horizon/base.py b/horizon/base.py index 50efee407..2cdace254 100644 --- a/horizon/base.py +++ b/horizon/base.py @@ -573,13 +573,13 @@ class Dashboard(Registry, HorizonComponent): urlpatterns.append( url(r'', _wrapped_include(default_panel._decorated_urls))) - # Require login if not public. - if not self.public: - _decorate_urlconf(urlpatterns, require_auth) # Apply access controls to all views in the patterns permissions = getattr(self, 'permissions', []) _decorate_urlconf(urlpatterns, require_perms, permissions) _decorate_urlconf(urlpatterns, _current_component, dashboard=self) + # Require login if not public. + if not self.public: + _decorate_urlconf(urlpatterns, require_auth) # Return the three arguments to django.conf.urls.include return urlpatterns, self.slug, self.slug |