def policy(self, rules, default_rule='allow'):
# Inject an allow and deny rule
rules['allow'] = '@'
rules['deny'] = '!'
# Parse the rules
rules = dict((k, policy.parse_rule(v)) for k, v in rules.items())
rules = policy.Rules(rules, default_rule)
# Set the rules
policy.set_rules(rules)
def policy(self, rules, default_rule='allow'):
# Inject an allow and deny rule
rules['allow'] = '@'
rules['deny'] = '!'
# Parse the rules
rules = dict((k, policy.parse_rule(v)) for k, v in rules.items())
rules = policy.Rules(rules, default_rule)
# Set the rules
policy.set_rules(rules)
def policy(self, rules, default_rule="allow"):
# Inject an allow and deny rule
rules["allow"] = "@"
rules["deny"] = "!"
# Parse the rules
rules = dict((k, policy.parse_rule(v)) for k, v in rules.items())
rules = policy.Rules(rules, default_rule)
# Set the rules
policy.set_rules(rules)
def set_rules(data, default_rule=None, overwrite=True):
default_rule = default_rule or cfg.CONF.policy_default_rule
if not _ENFORCER:
LOG.debug("Enforcer not present, recreating at rules stage.")
init()
if default_rule:
_ENFORCER.default_rule = default_rule
msg = "Loading rules %s, default: %s, overwrite: %s"
LOG.debug(msg, data, default_rule, overwrite)
if isinstance(data, dict):
rules = dict((k, policy.parse_rule(v)) for k, v in data.items())
rules = policy.Rules(rules, default_rule)
else:
rules = policy.Rules.load_json(data, default_rule)
_ENFORCER.set_rules(rules, overwrite=overwrite)
def set_rules(data, default_rule=None, overwrite=True):
default_rule = default_rule or cfg.CONF.policy_default_rule
if not _ENFORCER:
LOG.debug("Enforcer not present, recreating at rules stage.")
init()
if default_rule:
_ENFORCER.default_rule = default_rule
msg = "Loading rules %s, default: %s, overwrite: %s"
LOG.debug(msg, data, default_rule, overwrite)
if isinstance(data, dict):
rules = dict((k, policy.parse_rule(v)) for k, v in data.items())
rules = policy.Rules(rules, default_rule)
else:
rules = policy.Rules.load_json(data, default_rule)
_ENFORCER.set_rules(rules, overwrite=overwrite)
