diff options
Diffstat (limited to 'keystone/common/rbac_enforcer/enforcer.py')
-rw-r--r-- | keystone/common/rbac_enforcer/enforcer.py | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/keystone/common/rbac_enforcer/enforcer.py b/keystone/common/rbac_enforcer/enforcer.py index ca6a8e7b2..7add048ce 100644 --- a/keystone/common/rbac_enforcer/enforcer.py +++ b/keystone/common/rbac_enforcer/enforcer.py @@ -14,6 +14,7 @@ import functools import flask from oslo_log import log +from oslo_policy import opts from oslo_policy import policy as common_policy from oslo_utils import strutils @@ -39,6 +40,13 @@ _POSSIBLE_TARGET_ACTIONS = frozenset([ _ENFORCEMENT_CHECK_ATTR = 'keystone:RBAC:enforcement_called' +# TODO(gmann): Remove setting the default value of config policy_file +# once oslo_policy change the default value to 'policy.yaml'. +# https://github.com/openstack/oslo.policy/blob/a626ad12fe5a3abd49d70e3e5b95589d279ab578/oslo_policy/opts.py#L49 +DEFAULT_POLICY_FILE = 'policy.yaml' +opts.set_defaults(CONF, DEFAULT_POLICY_FILE) + + class RBACEnforcer(object): """Enforce RBAC on API calls.""" |