From 7fa7c8de75932b100a51d7b4039a75f8b0cfff05 Mon Sep 17 00:00:00 2001 From: Juan Antonio Osorio Robles Date: Mon, 4 Jun 2018 17:49:21 +0300 Subject: [PATCH] Remove CA API policy file The CAs API was removed some months ago [1], but this file was left there. It generates noise when outputting the policy file. [1] Iead0336a19ce58b8b2bb1f9af5e6dd3688fe91fc Change-Id: I5452633e2d1de0970f2cd47c38b19f288d87db13 --- barbican/common/policies/__init__.py | 2 -- barbican/common/policies/cas.py | 51 ---------------------------- 2 files changed, 53 deletions(-) delete mode 100644 barbican/common/policies/cas.py diff --git a/barbican/common/policies/__init__.py b/barbican/common/policies/__init__.py index 5e86b2a5d..0e31ca195 100644 --- a/barbican/common/policies/__init__.py +++ b/barbican/common/policies/__init__.py @@ -14,7 +14,6 @@ import itertools from barbican.common.policies import acls from barbican.common.policies import base -from barbican.common.policies import cas from barbican.common.policies import consumers from barbican.common.policies import containers from barbican.common.policies import orders @@ -29,7 +28,6 @@ def list_rules(): return itertools.chain( base.list_rules(), acls.list_rules(), - cas.list_rules(), consumers.list_rules(), containers.list_rules(), orders.list_rules(), diff --git a/barbican/common/policies/cas.py b/barbican/common/policies/cas.py deleted file mode 100644 index 4998cc10b..000000000 --- a/barbican/common/policies/cas.py +++ /dev/null @@ -1,51 +0,0 @@ -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -from oslo_policy import policy - - -rules = [ - policy.RuleDefault('certificate_authorities:get_limited', - 'rule:all_users'), - policy.RuleDefault('certificate_authorities:get_all', - 'rule:admin'), - policy.RuleDefault('certificate_authorities:post', - 'rule:admin'), - policy.RuleDefault('certificate_authorities:get_preferred_ca', - 'rule:all_users'), - policy.RuleDefault('certificate_authorities:get_global_preferred_ca', - 'rule:service_admin'), - policy.RuleDefault('certificate_authorities:unset_global_preferred', - 'rule:service_admin'), - policy.RuleDefault('certificate_authority:delete', - 'rule:admin'), - policy.RuleDefault('certificate_authority:get', - 'rule:all_users'), - policy.RuleDefault('certificate_authority:get_cacert', - 'rule:all_users'), - policy.RuleDefault('certificate_authority:get_ca_cert_chain', - 'rule:all_users'), - policy.RuleDefault('certificate_authority:get_projects', - 'rule:service_admin'), - policy.RuleDefault('certificate_authority:add_to_project', - 'rule:admin'), - policy.RuleDefault('certificate_authority:remove_from_project', - 'rule:admin'), - policy.RuleDefault('certificate_authority:set_preferred', - 'rule:admin'), - policy.RuleDefault('certificate_authority:set_global_preferred', - 'rule:service_admin'), -] - - -def list_rules(): - return rules