Merge "Create new policy for downloading deactivated artifacts"
This commit is contained in:
commit
9b9592ea1e
|
@ -69,7 +69,13 @@ artifact_policy_rules = [
|
|||
"Policy to set custom location for artifact"),
|
||||
policy.RuleDefault("artifact:upload", "rule:admin_or_owner",
|
||||
"Policy to upload blob for artifact"),
|
||||
policy.RuleDefault("artifact:download", "",
|
||||
policy.RuleDefault("artifact:download_deactivated",
|
||||
"'deactivated':%(status)s and rule:context_is_admin "
|
||||
"or not 'deactivated':%(status)s",
|
||||
"Policy to download blob from deactivated artifact"),
|
||||
policy.RuleDefault("artifact:download",
|
||||
"rule:admin_or_owner and "
|
||||
"rule:artifact:download_deactivated",
|
||||
"Policy to download blob from artifact"),
|
||||
]
|
||||
|
||||
|
|
|
@ -541,11 +541,6 @@ class Engine(object):
|
|||
blob_name = "%s[%s]" % (field_name, blob_key)\
|
||||
if blob_key else field_name
|
||||
|
||||
if af.status == 'deactivated' and not context.is_admin:
|
||||
msg = _("Only admin is allowed to download artifact data "
|
||||
"when it's deactivated")
|
||||
raise exception.Forbidden(message=msg)
|
||||
|
||||
if af.status == 'deleted':
|
||||
msg = _("Cannot download data when artifact is deleted")
|
||||
raise exception.Forbidden(message=msg)
|
||||
|
|
Loading…
Reference in New Issue