diff options
Diffstat (limited to 'keystone/common/policies/policy.py')
| -rw-r--r-- | keystone/common/policies/policy.py | 38 |
1 files changed, 19 insertions, 19 deletions
diff --git a/keystone/common/policies/policy.py b/keystone/common/policies/policy.py index 4c912f33c..502fa9de0 100644 --- a/keystone/common/policies/policy.py +++ b/keystone/common/policies/policy.py @@ -15,33 +15,43 @@ from oslo_policy import policy from keystone.common.policies import base +DEPRECATED_REASON = ( + "The policy API is now aware of system scope and default roles." +) + deprecated_get_policy = policy.DeprecatedRule( name=base.IDENTITY % 'get_policy', check_str=base.RULE_ADMIN_REQUIRED, + deprecated_reason=DEPRECATED_REASON, + deprecated_since=versionutils.deprecated.TRAIN ) deprecated_list_policies = policy.DeprecatedRule( name=base.IDENTITY % 'list_policies', check_str=base.RULE_ADMIN_REQUIRED, + deprecated_reason=DEPRECATED_REASON, + deprecated_since=versionutils.deprecated.TRAIN ) deprecated_update_policy = policy.DeprecatedRule( name=base.IDENTITY % 'update_policy', check_str=base.RULE_ADMIN_REQUIRED, + deprecated_reason=DEPRECATED_REASON, + deprecated_since=versionutils.deprecated.TRAIN ) deprecated_create_policy = policy.DeprecatedRule( name=base.IDENTITY % 'create_policy', check_str=base.RULE_ADMIN_REQUIRED, + deprecated_reason=DEPRECATED_REASON, + deprecated_since=versionutils.deprecated.TRAIN ) deprecated_delete_policy = policy.DeprecatedRule( name=base.IDENTITY % 'delete_policy', check_str=base.RULE_ADMIN_REQUIRED, -) - -DEPRECATED_REASON = ( - "The policy API is now aware of system scope and default roles." + deprecated_reason=DEPRECATED_REASON, + deprecated_since=versionutils.deprecated.TRAIN ) @@ -55,9 +65,7 @@ policy_policies = [ description='Show policy details.', operations=[{'path': '/v3/policies/{policy_id}', 'method': 'GET'}], - deprecated_rule=deprecated_get_policy, - deprecated_reason=DEPRECATED_REASON, - deprecated_since=versionutils.deprecated.TRAIN), + deprecated_rule=deprecated_get_policy), policy.DocumentedRuleDefault( name=base.IDENTITY % 'list_policies', check_str=base.SYSTEM_READER, @@ -65,9 +73,7 @@ policy_policies = [ description='List policies.', operations=[{'path': '/v3/policies', 'method': 'GET'}], - deprecated_rule=deprecated_list_policies, - deprecated_reason=DEPRECATED_REASON, - deprecated_since=versionutils.deprecated.TRAIN), + deprecated_rule=deprecated_list_policies), policy.DocumentedRuleDefault( name=base.IDENTITY % 'create_policy', check_str=base.SYSTEM_ADMIN, @@ -75,9 +81,7 @@ policy_policies = [ description='Create policy.', operations=[{'path': '/v3/policies', 'method': 'POST'}], - deprecated_rule=deprecated_create_policy, - deprecated_reason=DEPRECATED_REASON, - deprecated_since=versionutils.deprecated.TRAIN), + deprecated_rule=deprecated_create_policy), policy.DocumentedRuleDefault( name=base.IDENTITY % 'update_policy', check_str=base.SYSTEM_ADMIN, @@ -85,9 +89,7 @@ policy_policies = [ description='Update policy.', operations=[{'path': '/v3/policies/{policy_id}', 'method': 'PATCH'}], - deprecated_rule=deprecated_update_policy, - deprecated_reason=DEPRECATED_REASON, - deprecated_since=versionutils.deprecated.TRAIN), + deprecated_rule=deprecated_update_policy), policy.DocumentedRuleDefault( name=base.IDENTITY % 'delete_policy', check_str=base.SYSTEM_ADMIN, @@ -95,9 +97,7 @@ policy_policies = [ description='Delete policy.', operations=[{'path': '/v3/policies/{policy_id}', 'method': 'DELETE'}], - deprecated_rule=deprecated_delete_policy, - deprecated_reason=DEPRECATED_REASON, - deprecated_since=versionutils.deprecated.TRAIN) + deprecated_rule=deprecated_delete_policy) ] |