Python enforce Examples

Programming Language: Python

Namespace/Package Name: vsm.openstack.common.policy

Method/Function: enforce

Examples at hotexamples.com: 4

Python enforce - 4 examples found. These are the top rated real world Python examples of vsm.openstack.common.policy.enforce extracted from open source projects. You can rate examples to help us improve the quality of examples.

Example #1

Show file

def enforce(context, action, target):
    """Verifies that the action is valid on the target in this context.

       :param context: vsm context
       :param action: string representing the action to be checked
           this should be colon separated for clarity.
           i.e. ``compute:create_instance``,
           ``compute:attach_storage``,
           ``storage:attach_storage``

       :param object: dictionary representing the object of the action
           for object creation this should be a dictionary representing the
           location of the object e.g. ``{'project_id': context.project_id}``

       :raises vsm.exception.PolicyNotAuthorized: if verification fails.

    """
    init()

    match_list = ('rule:%s' % action, )
    credentials = context.to_dict()

    policy.enforce(match_list,
                   target,
                   credentials,
                   exception.PolicyNotAuthorized,
                   action=action)

Example #2

Show file

File: policy.py Project: 01org/virtual-storage-manager

def enforce(context, action, target):
    """Verifies that the action is valid on the target in this context.

       :param context: vsm context
       :param action: string representing the action to be checked
           this should be colon separated for clarity.
           i.e. ``compute:create_instance``,
           ``compute:attach_storage``,
           ``storage:attach_storage``

       :param object: dictionary representing the object of the action
           for object creation this should be a dictionary representing the
           location of the object e.g. ``{'project_id': context.project_id}``

       :raises vsm.exception.PolicyNotAuthorized: if verification fails.

    """
    init()

    match_list = ('rule:%s' % action,)
    credentials = context.to_dict()

    policy.enforce(match_list, target, credentials,
                   exception.PolicyNotAuthorized, action=action)

Example #3

Show file

def check_is_admin(roles):
    """Whether or not roles contains 'admin' role according to policy setting.

    """
    init()

    action = 'context_is_admin'
    match_list = ('rule:%s' % action, )
    # include project_id on target to avoid KeyError if context_is_admin
    # policy definition is missing, and default admin_or_owner rule
    # attempts to apply.  Since our credentials dict does not include a
    # project_id, this target can never match as a generic rule.
    target = {'project_id': ''}
    credentials = {'roles': roles}

    return policy.enforce(match_list, target, credentials)

Example #4

Show file

File: policy.py Project: 01org/virtual-storage-manager

def check_is_admin(roles):
    """Whether or not roles contains 'admin' role according to policy setting.

    """
    init()

    action = 'context_is_admin'
    match_list = ('rule:%s' % action,)
    # include project_id on target to avoid KeyError if context_is_admin
    # policy definition is missing, and default admin_or_owner rule
    # attempts to apply.  Since our credentials dict does not include a
    # project_id, this target can never match as a generic rule.
    target = {'project_id': ''}
    credentials = {'roles': roles}

    return policy.enforce(match_list, target, credentials)