diff options
| author | Moisés Guimarães de Medeiros <moguimar@redhat.com> | 2020-07-24 17:35:09 +0200 |
|---|---|---|
| committer | Moisés Guimarães de Medeiros <moguimar@redhat.com> | 2020-07-25 11:51:52 +0200 |
| commit | c9f7cd460c2eabf1f78bb34b78c2b28186ece768 (patch) | |
| tree | 519168e05ecc7f86547ae77f897c40160e0cd10e /oslo_policy | |
| parent | 6296fce9f8e3205506f87dd31d0b18f4b7842000 (diff) | |
| download | oslo-policy-c9f7cd460c2eabf1f78bb34b78c2b28186ece768.tar.gz | |
Bump bandit version
This patch bumps bandit allowed version to >=1.6.0,<1.7.0 in order to
avoid the errors detailed here https://github.com/PyCQA/bandit/pull/393
Change-Id: I0570c916cffc08bcbaebb385a9cc4a4c7038b215
Signed-off-by: Moisés Guimarães de Medeiros <moguimar@redhat.com>
Diffstat (limited to 'oslo_policy')
| -rw-r--r-- | oslo_policy/policy.py | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/oslo_policy/policy.py b/oslo_policy/policy.py index 83e4c0c..2b19a66 100644 --- a/oslo_policy/policy.py +++ b/oslo_policy/policy.py @@ -956,16 +956,20 @@ class Enforcer(object): # If the rule doesn't exist, fail closed result = False else: + # NOTE(moguimar): suppressing [B105:hardcoded_password_string] + # as token_scope is not actually a hardcoded + # token. + # Check the scope of the operation against the possible scope # attributes provided in `creds`. if creds.get('system'): - token_scope = 'system' + token_scope = 'system' # nosec elif creds.get('domain_id'): - token_scope = 'domain' + token_scope = 'domain' # nosec else: # If the token isn't system-scoped or domain-scoped then # we're dealing with a project-scoped token. - token_scope = 'project' + token_scope = 'project' # nosec registered_rule = self.registered_rules.get(rule) if registered_rule and registered_rule.scope_types: |