diff options
author | mhuin <mhuin@redhat.com> | 2019-02-27 23:03:50 +0100 |
---|---|---|
committer | Matthieu Huin <mhuin@redhat.com> | 2019-07-30 15:32:15 +0000 |
commit | 7a622a5823893e1d255bbd0defb84f36c0f310d1 (patch) | |
tree | 739a19ab86d3ea07727c1a0c1df5adaedfa2d304 /zuul/cmd | |
parent | 9d86c00111f5028bef9913835669391ad381ad32 (diff) | |
download | zuul-7a622a5823893e1d255bbd0defb84f36c0f310d1.tar.gz |
Add Authorization Rules configuration
Allow an operator to define authorization rules.
Allow an operator to add authorization rules to a tenant.
Add a rule parser and a rule registry.
The authZ engine is not plugged in yet.
Change-Id: I3a86c6c7d62ad2bce68a98dbd2fff18549b94fb9
Diffstat (limited to 'zuul/cmd')
-rwxr-xr-x | zuul/cmd/web.py | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/zuul/cmd/web.py b/zuul/cmd/web.py index 8a7d38e24..1c88f56d4 100755 --- a/zuul/cmd/web.py +++ b/zuul/cmd/web.py @@ -73,7 +73,8 @@ class WebServer(zuul.cmd.ZuulDaemonApp): '/var/lib/zuul/web.socket') params['connections'] = self.connections - params['auths'] = self.auths + params['authenticators'] = self.authenticators + params['authorizations'] = self.authorizations # Validate config here before we spin up the ZuulWeb object for conn_name, connection in self.connections.connections.items(): try: @@ -108,9 +109,12 @@ class WebServer(zuul.cmd.ZuulDaemonApp): self.web.stop() self.log.info("Zuul Web Server stopped") - def configure_auth(self): - self.auths = zuul.lib.auth.AuthenticatorRegistry() - self.auths.configure(self.config) + def configure_authenticators(self): + self.authenticators = zuul.lib.auth.AuthenticatorRegistry() + self.authenticators.configure(self.config) + + def configure_authorizations(self): + self.authorizations = zuul.lib.auth.AuthorizationRegistry() def run(self): if self.args.command in zuul.web.COMMANDS: @@ -125,7 +129,8 @@ class WebServer(zuul.cmd.ZuulDaemonApp): include_drivers=[zuul.driver.sql.SQLDriver, zuul.driver.github.GithubDriver, zuul.driver.pagure.PagureDriver]) - self.configure_auth() + self.configure_authenticators() + self.configure_authorizations() self._run() except Exception: self.log.exception("Exception from WebServer:") |