From: Tomas Sedovic <tomas@sedovic.cz>
Date: Wed, 13 Feb 2013 10:10:53 +0000 (+0100)
Subject: Fix policy checks for users without policies
X-Git-Tag: 2014.1~905
X-Git-Url: https://review.fuel-infra.org/gitweb?a=commitdiff_plain;h=9c3d6e77f2dc241c94803da025aa64a7a7cefd46;p=openstack-build%2Fheat-build.git

Fix policy checks for users without policies

When the User resource doesn't have the `Policies` property specified,
the policy checking code raised an error because it tried to iterate
over `None`.

Change-Id: I1ad0a051c837744d8ec0a343929918c92fa78437
Signed-off-by: Tomas Sedovic <tomas@sedovic.cz>
---

diff --git a/heat/engine/resources/user.py b/heat/engine/resources/user.py
index 226a639b..b17427d1 100644
--- a/heat/engine/resources/user.py
+++ b/heat/engine/resources/user.py
@@ -40,7 +40,7 @@ class User(resource.Resource):
         super(User, self).__init__(name, json_snippet, stack)
 
     def _validate_policies(self, policies):
-        for policy in policies:
+        for policy in (policies or []):
             # When we support AWS IAM style policies, we will have to accept
             # either a ref to an AWS::IAM::Policy defined in the stack, or
             # and embedded dict describing the policy directly, but for now
@@ -101,7 +101,7 @@ class User(resource.Resource):
             resource=self.physical_resource_name(), key=key)
 
     def access_allowed(self, resource_name):
-        policies = self.properties['Policies']
+        policies = (self.properties['Policies'] or [])
         for policy in policies:
             if not isinstance(policy, basestring):
                 logger.warning("Ignoring policy %s, " % policy