From 0e1ed1a4b23142ff379e01a3574fef771f703915 Mon Sep 17 00:00:00 2001
From: Ethan Lynn <xuanlangjian@gmail.com>
Date: Tue, 25 Dec 2018 11:15:13 +0800
Subject: [PATCH] Fix SoftwareDeployment on DELETE action

When we specify a sd on delete action, os-collect-config will not
get authentication because we didn't load access_allowed_handlers
after stack enter stack delete phrase. This patch will make sure
we load necessary access_allowed_handlers even if in stack delete
phrase.

Change-Id: I43c1a865f507f7cb7757e26ae5c503ce484ee280
Story: #2004661
Task: #28628
---
 heat/engine/stack.py | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/heat/engine/stack.py b/heat/engine/stack.py
index 8314814af1..3906bd9ddb 100644
--- a/heat/engine/stack.py
+++ b/heat/engine/stack.py
@@ -822,11 +822,11 @@ class Stack(collections.Mapping):
 
     def access_allowed(self, credential_id, resource_name):
         """Is credential_id authorised to access resource by resource_name."""
-        if not self.resources:
-            # this also triggers lazy-loading of resources
-            # so is required for register_access_allowed_handler
-            # to be called
-            return False
+        if not self.resources or resource_name not in self.resources:
+            # this handle the case that sd in action delete,
+            # try to load access_allowed_handlers if resources object
+            # haven't been loaded.
+            [res.name for res in self.iter_resources()]
 
         handler = self._access_allowed_handlers.get(credential_id)
         return handler and handler(resource_name)