Use to_policy_values for policy credentials

The base oslo.context defines to_policy_values with all the information that it expects a service to require to enforce policy. Use that instead of throwing everything in to_dict at policy enforcement. Change-Id: I0a42b4425e9dd1bd062c48792c4d116dd370afe3 Closes-Bug: #1602081
author: Adam Young <ayoung@redhat.com> 2016-09-12 21:39:45 -0400
committer: Adam Young <ayoung@redhat.com> 2016-09-12 21:39:45 -0400
commit: 304bc201c004d549de408c75cfe731eb65fde78d (patch)
tree: 2386cd48a9b12f4f0cbd3f9b153d594ffbc3aac0 /nova/policy.py
parent: ba718e35db3275f66647690e3d5b31614f228639 (diff)
download: nova-304bc201c004d549de408c75cfe731eb65fde78d.tar.gz
1 files changed, 2 insertions, 2 deletions
diff --git a/nova/policy.py b/nova/policy.py
index 26e0f05a60..c77865ddf1 100644
--- a/nova/policy.py
+++ b/nova/policy.py
@@ -152,7 +152,7 @@ def authorize(context, action, target, do_raise=True, exc=None):
            do_raise is False.
     """
     init()
-    credentials = context.to_dict()
+    credentials = context.to_policy_values()
     if not exc:
         exc = exception.PolicyNotAuthorized
     try:
@@ -177,7 +177,7 @@ def check_is_admin(context):
 
     init()
     # the target is user-self
-    credentials = context.to_dict()
+    credentials = context.to_policy_values()
     target = credentials
     return _ENFORCER.authorize('context_is_admin', target, credentials)
author	Adam Young <ayoung@redhat.com>	2016-09-12 21:39:45 -0400
committer	Adam Young <ayoung@redhat.com>	2016-09-12 21:39:45 -0400
commit	304bc201c004d549de408c75cfe731eb65fde78d (patch)
tree	2386cd48a9b12f4f0cbd3f9b153d594ffbc3aac0 /nova/policy.py
parent	ba718e35db3275f66647690e3d5b31614f228639 (diff)
download	nova-304bc201c004d549de408c75cfe731eb65fde78d.tar.gz