Using rbac policy for images panel

Since murano didn't have mark_image and remove_mark_image policy,
So add it for dashboard policy, let the images panel can use the rbac
policy.

Change-Id: I7a32ba004833e24e0d359ea94ddfc638124552ec
Closes-Bug: #1621054
Implements: blueprint murano-dashboard-rbac

muranodashboard/conf/murano_policy.json

@@ -31,6 +31,9 @@
     "update_env_template": "rule:default",
     "delete_env_template": "rule:default",
 
-    "execute_action": "rule:default"
+    "execute_action": "rule:default",
+
+    "mark_image": "rule:admin_api",
+    "remove_image_metadata": "rule:admin_api"
 }
 

muranodashboard/images/tables.py

@@ -18,6 +18,7 @@ from django.utils.translation import ungettext_lazy
 from horizon import exceptions
 from horizon import tables
 from openstack_dashboard.api import glance
+from openstack_dashboard import policy
 
 from muranodashboard.common import utils as md_utils
 
@@ -28,12 +29,12 @@ class MarkImage(tables.LinkAction):
     url = "horizon:app-catalog:images:mark_image"
     classes = ("ajax-modal",)
     icon = "plus"
-
+    policy_rules = (("murano", "mark_image"),)
-    def allowed(self, request, image):
-        return request.user.is_superuser
 
 
-class RemoveImageMetadata(tables.DeleteAction):
+class RemoveImageMetadata(policy.PolicyTargetMixin, tables.DeleteAction):
+    policy_rules = (("murano", "remove_image_metadata"),)
+
     @staticmethod
     def action_present(count):
         return ungettext_lazy(
@@ -59,9 +60,6 @@ class RemoveImageMetadata(tables.DeleteAction):
                               redirect=reverse(
                                   'horizon:app-catalog:images:index'))
 
-    def allowed(self, request, image):
-        return request.user.is_superuser
-
 
 class MarkedImagesTable(tables.DataTable):
     image = tables.Column(