Use default policy in code

Delete policy.json from repo since we can use policies registered in code. We can also change default policy rules through below steps: - generate policy.yaml and copy to /etc/barbican - configure `policy_file=policy.yaml` in `oslo_policy` section - uncomment rules in policy.yaml and make changes as we desire - restart barbican api service - test whether new rules take effect on corresponding API Change-Id: Ia64eac1eb4e30457b323c6ab99d26d3d40c28060
2017-09-03 21:33:47 +08:00
parent 48f50a0868
commit 73420137a6
6 changed files with 83 additions and 101 deletions
--- a/setup.cfg
+++ b/setup.cfg
@@ -28,6 +28,9 @@ dogtag =
  dogtag-pki>=10.3.5.1 # LGPLv3+

 [entry_points]
+oslo.policy.enforcer =
+    barbican = barbican.common.policy:get_enforcer
+
 oslo.policy.policies =
    barbican = barbican.common.policies:list_rules