74d1093990
A regular user can reset an admin-only attribute to its default value due to the fact that a corresponding policy rule is enforced only in the case when an attribute is present in the target AND has a non-default value. Added a new attribute "attributes_to_update" which contains a list of all to-be updated attributes to the body of the target that is passed to policy.enforce. Changed a check for whether an attribute is explicitly set. Now, in the case of update, the function should not pay attention to a default value of an attribute, but check whether it was explicitly marked as being updated. Added unit-tests. Closes-Bug: #1357379 Related-Bug: #1338880 Change-Id: I6537bb1da5ef0d6899bc71e4e949f2c760c103c2 |
||
|---|---|---|
| .. | ||
| __init__.py | ||
| attributes.py | ||
| base.py | ||
| resource_helper.py | ||
| resource.py | ||
| router.py | ||