diff options
author | Zuul <zuul@review.opendev.org> | 2020-04-22 15:03:08 +0000 |
---|---|---|
committer | Gerrit Code Review <review@openstack.org> | 2020-04-22 15:03:08 +0000 |
commit | daa107d2c713ea35eda1551f5a444e6e1b541f5e (patch) | |
tree | 3d812b5529bf5ac52e0c649785c0852a5efed920 | |
parent | 569e06f230ef3a0f9adfa518a96370224dbdf996 (diff) | |
parent | d523376c91d1a59066f5df2d25958c899063b4b1 (diff) | |
download | horizon-daa107d2c713ea35eda1551f5a444e6e1b541f5e.tar.gz |
Merge "Authenticate before Authorization" into stable/rocky
-rw-r--r-- | horizon/base.py | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/horizon/base.py b/horizon/base.py index 2fe3bffc7..1112d6c6d 100644 --- a/horizon/base.py +++ b/horizon/base.py @@ -564,13 +564,13 @@ class Dashboard(Registry, HorizonComponent): urlpatterns.append( url(r'', _wrapped_include(default_panel._decorated_urls))) - # Require login if not public. - if not self.public: - _decorate_urlconf(urlpatterns, require_auth) # Apply access controls to all views in the patterns permissions = getattr(self, 'permissions', []) _decorate_urlconf(urlpatterns, require_perms, permissions) _decorate_urlconf(urlpatterns, _current_component, dashboard=self) + # Require login if not public. + if not self.public: + _decorate_urlconf(urlpatterns, require_auth) # Return the three arguments to django.conf.urls.include return urlpatterns, self.slug, self.slug |