def policy_deprecation_check(): global CHECKED_DEPRECATED_POLICY_ARGS if not CHECKED_DEPRECATED_POLICY_ARGS: enforcer = policy.get_enforcer() substitution_dict = { 'user': '******', 'domain_id': 'user_domain_id', 'domain_name': 'user_domain_id', 'tenant': 'project_name', } policy_rules = enforcer.file_rules.values() for rule in policy_rules: str_rule = six.text_type(rule) for deprecated, replacement in substitution_dict.items(): if re.search(r'\b%s\b' % deprecated, str_rule): LOG.warning( "Deprecated argument %(deprecated)s is used in policy " "file rule (%(rule)s), please use %(replacement)s " "argument instead. The possibility to use deprecated " "arguments will be removed in the Pike release.", {'deprecated': deprecated, 'replacement': replacement, 'rule': str_rule}) if deprecated == 'domain_name': LOG.warning( "Please note that user_domain_id is an ID of the " "user domain, while the deprecated domain_name is " "its name. The policy rule has to be updated " "accordingly.") CHECKED_DEPRECATED_POLICY_ARGS = True
def policy_deprecation_check(): global CHECKED_DEPRECATED_POLICY_ARGS if not CHECKED_DEPRECATED_POLICY_ARGS: enforcer = policy.get_enforcer() substitution_dict = { 'user': '******', 'domain_id': 'user_domain_id', 'domain_name': 'user_domain_id', 'tenant': 'project_name', } policy_rules = enforcer.file_rules.values() for rule in policy_rules: str_rule = six.text_type(rule) for deprecated, replacement in substitution_dict.items(): if re.search(r'\b%s\b' % deprecated, str_rule): LOG.warning( "Deprecated argument %(deprecated)s is used in policy " "file rule (%(rule)s), please use %(replacement)s " "argument instead. The possibility to use deprecated " "arguments will be removed in the Pike release.", { 'deprecated': deprecated, 'replacement': replacement, 'rule': str_rule }) if deprecated == 'domain_name': LOG.warning( "Please note that user_domain_id is an ID of the " "user domain, while the deprecated domain_name is " "its name. The policy rule has to be updated " "accordingly.") CHECKED_DEPRECATED_POLICY_ARGS = True
def setUp(self): super(PolicyFixture, self).setUp() self.policy_dir = self.useFixture(fixtures.TempDir()) self.policy_file_name = os.path.join(self.policy_dir.path, "policy.json") with open(self.policy_file_name, "w") as policy_file: policy_file.write(fake_policy.get_policy_data(self.compat)) CONF.set_override("policy_file", self.policy_file_name) ironic_policy._ENFORCER = None self.addCleanup(ironic_policy.get_enforcer().clear)
def setUp(self): super(PolicyFixture, self).setUp() self.policy_dir = self.useFixture(fixtures.TempDir()) self.policy_file_name = os.path.join(self.policy_dir.path, 'policy.json') with open(self.policy_file_name, 'w') as policy_file: policy_file.write(fake_policy.get_policy_data(self.compat)) CONF.set_override('policy_file', self.policy_file_name) ironic_policy._ENFORCER = None self.addCleanup(ironic_policy.get_enforcer().clear)
def setUp(self): super(PolicyFixture, self).setUp() self.policy_dir = self.useFixture(fixtures.TempDir()) self.policy_file_name = os.path.join(self.policy_dir.path, 'policy.json') with open(self.policy_file_name, 'w') as policy_file: policy_file.write(fake_policy.get_policy_data(self.compat)) policy_opts.set_defaults(CONF) CONF.set_override('policy_file', self.policy_file_name, 'oslo_policy') ironic_policy._ENFORCER = None self.addCleanup(ironic_policy.get_enforcer().clear)
def setUp(self): super(PolicyTestCase, self).setUp() rule = oslo_policy.RuleDefault('has_foo_role', "role:foo") enforcer = policy.get_enforcer() enforcer.register_default(rule)