Fix policy checks for users without policies

When the User resource doesn't have the `Policies` property specified,
the policy checking code raised an error because it tried to iterate
over `None`.

Change-Id: I1ad0a051c837744d8ec0a343929918c92fa78437
Signed-off-by: Tomas Sedovic <tomas@sedovic.cz>

diff --git a/heat/engine/resources/user.py b/heat/engine/resources/user.py
index 226a639b98a9fca2af30535f91fa1d2dc9226087..b17427d13870bf059c7f18524431227581c772ee 100644 (file)
--- a/heat/engine/resources/user.py
+++ b/heat/engine/resources/user.py
@@ -40,7 +40,7 @@ class User(resource.Resource):
         super(User, self).__init__(name, json_snippet, stack)
 
     def _validate_policies(self, policies):
-        for policy in policies:
+        for policy in (policies or []):
             # When we support AWS IAM style policies, we will have to accept
             # either a ref to an AWS::IAM::Policy defined in the stack, or
             # and embedded dict describing the policy directly, but for now
@@ -101,7 +101,7 @@ class User(resource.Resource):
             resource=self.physical_resource_name(), key=key)
 
     def access_allowed(self, resource_name):
-        policies = self.properties['Policies']
+        policies = (self.properties['Policies'] or [])
         for policy in policies:
             if not isinstance(policy, basestring):
                 logger.warning("Ignoring policy %s, " % policy