diff options
| author | Petr Malik <pmalik@tesora.com> | 2016-06-27 16:01:42 -0400 |
|---|---|---|
| committer | Petr Malik <pmalik@tesora.com> | 2016-12-06 21:51:21 +0000 |
| commit | 21250cf20c0efbe6d57c4a712c51b80667e53b44 (patch) | |
| tree | d18e6ee84986b798e7654e254a2a6894dc8d54f4 /trove/limits | |
| parent | 77fd7014c0007c83652dd4fb1f9d3316a97b1ed3 (diff) | |
| download | trove-21250cf20c0efbe6d57c4a712c51b80667e53b44.tar.gz | |
Add support for Oslo Policies to Trove
The Oslo Policy library provides support for RBAC policy
enforcement across all OpenStack services.
Update the devstack plugin to copy the default policy file
over to /etc/trove in the gate environments.
Note: Not adding a rule for 'reset-password' instance
action as that API was discontinued years ago
and is now just waiting for removal (Bug: 1645866).
DocImpact
Co-Authored-By: Ali Adil <aadil@tesora.com>
Change-Id: Ic443a4c663301840406cad537159eab7b0b5ed1c
Implements: blueprint trove-policy
Diffstat (limited to 'trove/limits')
| -rw-r--r-- | trove/limits/service.py | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/trove/limits/service.py b/trove/limits/service.py index 28d3ea66..5200b79f 100644 --- a/trove/limits/service.py +++ b/trove/limits/service.py @@ -13,6 +13,7 @@ # License for the specific language governing permissions and limitations # under the License. +from trove.common import policy from trove.common import wsgi from trove.limits import views from trove.quota.quota import QUOTAS @@ -27,6 +28,8 @@ class LimitsController(wsgi.Controller): """ Return all absolute and rate limit information. """ + context = req.environ[wsgi.CONTEXT_KEY] + policy.authorize_on_tenant(context, 'limits:index') quotas = QUOTAS.get_all_quotas_by_tenant(tenant_id) abs_limits = {k: v['hard_limit'] for k, v in quotas.items()} rate_limits = req.environ.get("trove.limits", []) |