Rename admin-rule to authorization-rule

This is a preparatory step to add access-control for read-level
access to the API and web UI.  Because we will likely end up with
tenant config that looks like:

- tenant:
    name: example
    admin-rules: ['my-admin-rule']
    access-rules: ['my-read-only-rule']

It does not make sense for 'my-read-only-rule' to be defined as:

- admin-rule:
    name: read-only-rule

In other words, the current nomenclature conflates (new word:
nomenconflature) the idea of an abstract authorization rule and
what it authorizes.  The new name makes it more clear than an
authorization-rule can be used to authorize more than just admin
access.

Change-Id: I44da8060a804bc789720bd207c34d802a52b6975

1 files changed, 3 insertions, 3 deletions

diff --git a/zuul/web/__init__.py b/zuul/web/__init__.py
index 09706057b..b62af00e5 100755
--- a/zuul/web/__init__.py
+++ b/zuul/web/__init__.py
@@ -871,8 +871,8 @@ class ZuulWebAPI(object):
             (isinstance(override, list) and tenant.name in override)):
             return True
 
-        for rule_name in tenant.authorization_rules:
-            rule = self.zuulweb.abide.admin_rules.get(rule_name)
+        for rule_name in tenant.admin_rules:
+            rule = self.zuulweb.abide.authz_rules.get(rule_name)
             if not rule:
                 self.log.error('Undefined rule "%s"', rule_name)
                 continue
@@ -2170,7 +2170,7 @@ class ZuulWeb(object):
         for tenant_name in deleted_tenants:
             self.abide.clearTPCs(tenant_name)
 
-        loader.loadAdminRules(self.abide, self.unparsed_abide)
+        loader.loadAuthzRules(self.abide, self.unparsed_abide)
         loader.loadSemaphores(self.abide, self.unparsed_abide)
         loader.loadTPCs(self.abide, self.unparsed_abide)