summaryrefslogtreecommitdiff
path: root/ironic/api/controllers/v1/utils.py
diff options
context:
space:
mode:
authorJulia Kreger <juliaashleykreger@gmail.com>2021-03-08 10:58:26 -0800
committerJulia Kreger <juliaashleykreger@gmail.com>2021-03-08 10:58:26 -0800
commit7e1c08c407a63727b1df0ec2c86c537b5b7529be (patch)
treeccce58e2e81c533f177e070012c57d219a433611 /ironic/api/controllers/v1/utils.py
parente870bd34d0ccacbaef7f4e4def2535eb28f822b9 (diff)
downloadironic-7e1c08c407a63727b1df0ec2c86c537b5b7529be.tar.gz
RBAC Follow-up: Review follow-up.
Since the existing change is approved and in the gate now, it doesn't make sense to edit it for the review feedback. The included minor feedback is addressed by this change. Change-Id: I046c194af01fe77c3eac541f245a377e8e8f71eb
Diffstat (limited to 'ironic/api/controllers/v1/utils.py')
-rw-r--r--ironic/api/controllers/v1/utils.py14
1 files changed, 7 insertions, 7 deletions
diff --git a/ironic/api/controllers/v1/utils.py b/ironic/api/controllers/v1/utils.py
index 01483c47b..90a2a258c 100644
--- a/ironic/api/controllers/v1/utils.py
+++ b/ironic/api/controllers/v1/utils.py
@@ -1788,7 +1788,7 @@ def check_port_list_policy(portgroup=False, parent_node=None,
def check_volume_list_policy(parent_node=None):
- """Check if the specified policy authorizes this request on a port.
+ """Check if the specified policy authorizes this request on a volume.
:param parent_node: The UUID of a node, if any, to apply a policy
check to as well before applying other policy
@@ -1831,20 +1831,20 @@ def check_volume_list_policy(parent_node=None):
policy.authorize('baremetal:volume:list_all',
cdict, api.request.context)
except exception.HTTPForbidden:
- owner = cdict.get('project_id')
- if not owner:
+ project_id = cdict.get('project_id')
+ if not project_id:
raise
policy.authorize('baremetal:volume:list',
cdict, api.request.context)
- return owner
+ return project_id
def check_volume_policy_and_retrieve(policy_name, vol_ident, target=False):
- """Check if the specified policy authorizes this request on a port.
+ """Check if the specified policy authorizes this request on a volume.
:param: policy_name: Name of the policy to check.
:param: vol_ident: The name, uuid, or other valid ID value to find
- a port or portgroup by.
+ a volume target or connector by.
:param: target: Boolean value to indicate if the check is for a volume
target or connector. Default value is False, implying
connector.
@@ -1864,7 +1864,7 @@ def check_volume_policy_and_retrieve(policy_name, vol_ident, target=False):
else:
rpc_vol = objects.VolumeTarget.get(context, vol_ident)
except (exception.VolumeConnectorNotFound, exception.VolumeTargetNotFound):
- # don't expose non-existence of port unless requester
+ # don't expose non-existence of volume unless requester
# has generic access to policy
raise