From 5bdcaeff018782a956fd8228e04ddd2169c353c6 Mon Sep 17 00:00:00 2001 From: Rabi Mishra Date: Wed, 20 Feb 2019 14:51:20 +0530 Subject: [PATCH] Add entry_point for oslo policy scripts MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit With the setup.cfg entry it can be called directly from oslo.policy. $oslopolicy-policy-generator --namespace heat This will get the effective policy that’s being executed. Change-Id: Iad2e71819f4847f47dd17d3cd4afa78e6b3f52a7 Story: #2005055 Task: 29573 --- heat/common/policy.py | 9 +++++++++ setup.cfg | 3 +++ 2 files changed, 12 insertions(+) diff --git a/heat/common/policy.py b/heat/common/policy.py index 4707c96735..312608c935 100644 --- a/heat/common/policy.py +++ b/heat/common/policy.py @@ -51,6 +51,8 @@ class Enforcer(object): # register rules self.enforcer.register_defaults(policies.list_rules()) + self.file_rules = self.enforcer.file_rules + self.registered_rules = self.enforcer.registered_rules def set_rules(self, rules, overwrite=True): """Create a new Rules object based on the provided dict of rules.""" @@ -118,6 +120,13 @@ class Enforcer(object): is_registered_policy=True) +def get_policy_enforcer(): + # This method is used by oslopolicy CLI scripts to generate policy + # files from overrides on disk and defaults in code. + CONF([], project='heat') + return get_enforcer() + + def get_enforcer(): global ENFORCER if ENFORCER is None: diff --git a/setup.cfg b/setup.cfg index 2cdbedc91e..d4580d9923 100644 --- a/setup.cfg +++ b/setup.cfg @@ -60,6 +60,9 @@ oslo.config.opts = oslo.config.opts.defaults = heat.common.config = heat.common.config:set_config_defaults +oslo.policy.enforcer = + heat = heat.common.policy:get_policy_enforcer + oslo.policy.policies = heat = heat.policies:list_rules