Merge "Use authorize instead of enforce in policy"

This commit is contained in:
Zuul 2018-10-15 21:43:45 +00:00 committed by Gerrit Code Review
commit 8225a6b6a3
1 changed files with 3 additions and 2 deletions

View File

@ -57,9 +57,10 @@ def _check_rule(context, rule):
init()
# the target is user-self
credentials = context.to_policy_values()
if rule not in _ROLE_ENFORCER.rules:
try:
return _ROLE_ENFORCER.authorize(rule, credentials, credentials)
except policy.PolicyNotRegistered:
return False
return _ROLE_ENFORCER.enforce(rule, credentials, credentials)
def check_is_admin(context):