openstack/designate
Code Issues Proposed changes

Add a "force" option to context sudo.

Browse Source 
Change-Id: I6da29e005616b51cb4e2b1ae388f648808610c70
This commit is contained in:
Kiall Mac Innes 2013-04-11 15:27:27 +01:00
parent 9f5ba038f6
commit ca1c17e0bb
1 changed files with 9 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
moniker/context.py
View File

@ -37,12 +37,15 @@ class MonikerContext(context.RequestContext):
self._original_tenant_id = None self._original_tenant_id = None
self.roles = roles self.roles = roles
def sudo(self, tenant_id): def sudo(self, tenant_id, force=False):
# We use exc=None here since the context is built early in the request if force:
# lifecycle, outside of our ordinary error handling. allowed_sudo = True
else:
# We use exc=None here since the context is built early in the
# request lifecycle, outside of our ordinary error handling.
# For now, we silently ignore failed sudo requests. # For now, we silently ignore failed sudo requests.
allowed_sudo = policy.check('use_sudo', self, {'tenant_id': tenant_id}, target = {'tenant_id': tenant_id}
exc=None) allowed_sudo = policy.check('use_sudo', self, target, exc=None)
if allowed_sudo: if allowed_sudo:
LOG.warn('Accepted sudo from user_id %s for tenant_id %s' LOG.warn('Accepted sudo from user_id %s for tenant_id %s'