From 4818a37a27ce6fd51974996cecc607ad3544026e Mon Sep 17 00:00:00 2001 From: Steven Hardy Date: Wed, 16 Jul 2014 17:10:59 +0100 Subject: [PATCH] Remove unused functions from policy enforcer The policy.Enforcer class has two functions which we don't use anywhere, and the check function is broken due to an argument mismatch with _check, so remove them until such time as they are actually needed. Change-Id: I25199fffeed5905b0673f137c70720ddb6dc48cb --- heat/common/policy.py | 13 ------------- heat/tests/test_common_policy.py | 8 -------- 2 files changed, 21 deletions(-) diff --git a/heat/common/policy.py b/heat/common/policy.py index fec3e0dc9..01a4338c7 100644 --- a/heat/common/policy.py +++ b/heat/common/policy.py @@ -76,16 +76,6 @@ class Enforcer(object): _target = target or {} return self._check(context, _action, _target, self.exc, action=action) - def check(self, context, action, target): - """Verifies that the action is valid on the target in this context. - - :param context: Heat request context - :param action: String representing the action to be checked - :param target: Dictionary representing the object of the action. - :returns: A non-False value if access is allowed. - """ - return self._check(context, action, target) - def check_is_admin(self, context): """Whether or not roles contains 'admin' role according to policy.json @@ -93,6 +83,3 @@ class Enforcer(object): :returns: A non-False value if the user is admin according to policy """ return self._check(context, 'context_is_admin', target={}, exc=None) - - def clear(self): - self.enforcer.clear() diff --git a/heat/tests/test_common_policy.py b/heat/tests/test_common_policy.py index 676ffdcd4..7af151f11 100644 --- a/heat/tests/test_common_policy.py +++ b/heat/tests/test_common_policy.py @@ -124,14 +124,6 @@ class TestPolicyEnforcer(HeatTestCase): # Everything should be allowed enforcer.enforce(ctx, action) - def test_clear(self): - self.stub_policyfile('deny_stack_user.json') - - enforcer = policy.Enforcer() - enforcer.load_rules(force_reload=True) - enforcer.clear() - self.assertEqual({}, enforcer.enforcer.rules) - def test_set_rules_overwrite_true(self): self.stub_policyfile('deny_stack_user.json')