]> review.fuel-infra Code Review - openstack-build/neutron-build.git/commitdiff
Code Review / openstack-build / neutron-build.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: 3630d2f)
Fix typo in policy.json and checks in nicira plugin
authorSalvatore Orlando <salv.orlando@gmail.com>
Fri, 15 Mar 2013 00:31:31 +0000 (01:31 +0100)
committerSalvatore Orlando <salv.orlando@gmail.com>
Wed, 20 Mar 2013 18:53:21 +0000 (19:53 +0100)
Bug 1155379

This patch removes extra colons from policy.json.
Also, it fixes some checks in the nicira plugin which were not
passing correctly the target resource for the policy engine.

Change-Id: I89a1d170818173eaa90b50158289a06455febadc

etc/policy.json patch | blob | history
quantum/plugins/nicira/nicira_nvp_plugin/QuantumPlugin.py patch | blob | history

diff --git a/etc/policy.json b/etc/policy.json
index aa18ba6e10a9b3121f667d16d467dd0c77cd9a1c..f2c304b4849717496e10bac524e6173de62e94fb 100644 (file)
--- a/etc/policy.json
+++ b/etc/policy.json
@@ -51,9 +51,9 @@
     "delete_service_type": "rule:admin_only",
     "get_service_type": "rule:regular_user",
 
-    "create_qos_queue:": "rule:admin_only",
-    "get_qos_queue:": "rule:admin_only",
-    "get_qos_queues:": "rule:admin_only",
+    "create_qos_queue": "rule:admin_only",
+    "get_qos_queue": "rule:admin_only",
+    "get_qos_queues": "rule:admin_only",
 
     "update_agent": "rule:admin_only",
     "delete_agent": "rule:admin_only",
diff --git a/quantum/plugins/nicira/nicira_nvp_plugin/QuantumPlugin.py b/quantum/plugins/nicira/nicira_nvp_plugin/QuantumPlugin.py
index c5a2780bd7f45dcc87955fd8a606fd493c98d60a..abc9ac191f84de1bc3a441ed99d711192a1e7687 100644 (file)
--- a/quantum/plugins/nicira/nicira_nvp_plugin/QuantumPlugin.py
+++ b/quantum/plugins/nicira/nicira_nvp_plugin/QuantumPlugin.py
@@ -2208,10 +2208,9 @@ class NvpPluginV2(db_base_plugin_v2.QuantumDbPluginV2,
                                                                        sgrid)
 
     def create_qos_queue(self, context, qos_queue, check_policy=True):
-        if check_policy:
-            self._enforce_set_auth(context, qos_queue,
-                                   ext_qos.qos_queue_create)
         q = qos_queue.get('qos_queue')
+        if check_policy:
+            self._enforce_set_auth(context, q, ext_qos.qos_queue_create)
         self._validate_qos_queue(context, q)
         q['id'] = nvplib.create_lqueue(self.default_cluster,
                                        self._nvp_lqueue(q))
@@ -2229,8 +2228,7 @@ class NvpPluginV2(db_base_plugin_v2.QuantumDbPluginV2,
         return super(NvpPluginV2, self).delete_qos_queue(context, id)
 
     def get_qos_queue(self, context, id, fields=None):
-        if not self._check_view_auth(context, {'qos_queue': None},
-                                     ext_qos.qos_queue_get):
+        if not self._check_view_auth(context, {}, ext_qos.qos_queue_get):
             # don't want the user to find out that they guessed the right id
             # so  we raise not found if the policy.json file doesn't allow them
             raise ext_qos.QueueNotFound(id=id)