diff options
author | Zuul <zuul@review.opendev.org> | 2020-04-14 03:32:24 +0000 |
---|---|---|
committer | Gerrit Code Review <review@openstack.org> | 2020-04-14 03:32:24 +0000 |
commit | b9bb0906369561b25b5c7547960c5c67573f4c7e (patch) | |
tree | 4b49766426ed7d748ffa57b84c4d85c2397f72dd | |
parent | 0dcd85489d22b005915111c5f996c1a48ea7dfd3 (diff) | |
parent | 486cb6ac8eb4d4c4d0fd228f10f9e56d4eeb44ed (diff) | |
download | horizon-b9bb0906369561b25b5c7547960c5c67573f4c7e.tar.gz |
Merge "Authenticate before Authorization" into stable/stein
-rw-r--r-- | horizon/base.py | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/horizon/base.py b/horizon/base.py index 28ffe4824..e0b80950f 100644 --- a/horizon/base.py +++ b/horizon/base.py @@ -564,13 +564,13 @@ class Dashboard(Registry, HorizonComponent): urlpatterns.append( url(r'', _wrapped_include(default_panel._decorated_urls))) - # Require login if not public. - if not self.public: - _decorate_urlconf(urlpatterns, require_auth) # Apply access controls to all views in the patterns permissions = getattr(self, 'permissions', []) _decorate_urlconf(urlpatterns, require_perms, permissions) _decorate_urlconf(urlpatterns, _current_component, dashboard=self) + # Require login if not public. + if not self.public: + _decorate_urlconf(urlpatterns, require_auth) # Return the three arguments to django.conf.urls.include return urlpatterns, self.slug, self.slug |