diff options
author | Adam Young <ayoung@redhat.com> | 2016-09-12 21:39:45 -0400 |
---|---|---|
committer | Adam Young <ayoung@redhat.com> | 2016-09-12 21:39:45 -0400 |
commit | 304bc201c004d549de408c75cfe731eb65fde78d (patch) | |
tree | 2386cd48a9b12f4f0cbd3f9b153d594ffbc3aac0 /nova/policy.py | |
parent | ba718e35db3275f66647690e3d5b31614f228639 (diff) | |
download | nova-304bc201c004d549de408c75cfe731eb65fde78d.tar.gz |
Use to_policy_values for policy credentials
The base oslo.context defines to_policy_values with all the information
that it expects a service to require to enforce policy. Use that instead
of throwing everything in to_dict at policy enforcement.
Change-Id: I0a42b4425e9dd1bd062c48792c4d116dd370afe3
Closes-Bug: #1602081
Diffstat (limited to 'nova/policy.py')
-rw-r--r-- | nova/policy.py | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/nova/policy.py b/nova/policy.py index 26e0f05a60..c77865ddf1 100644 --- a/nova/policy.py +++ b/nova/policy.py @@ -152,7 +152,7 @@ def authorize(context, action, target, do_raise=True, exc=None): do_raise is False. """ init() - credentials = context.to_dict() + credentials = context.to_policy_values() if not exc: exc = exception.PolicyNotAuthorized try: @@ -177,7 +177,7 @@ def check_is_admin(context): init() # the target is user-self - credentials = context.to_dict() + credentials = context.to_policy_values() target = credentials return _ENFORCER.authorize('context_is_admin', target, credentials) |