Add log statements for policy check failures
Misconfiguration of the policy.json file may cause policy check failures. It's kind to the developer to log the underlying exception so that he/she can have more information as to how to address the problem. Closes bug: #1246139 Change-Id: I8664959cb98b3a41d159db3acb91da9baba810ae
This commit is contained in:
parent
fd952c9fbe
commit
1ad5fc8493
@ -370,13 +370,16 @@ def enforce(context, action, target, plugin=None):
|
||||
:param plugin: currently unused and deprecated.
|
||||
Kept for backward compatibility.
|
||||
|
||||
:raises neutron.exceptions.PolicyNotAllowed: if verification fails.
|
||||
:raises neutron.exceptions.PolicyNotAuthorized: if verification fails.
|
||||
"""
|
||||
|
||||
init()
|
||||
rule, target, credentials = _prepare_check(context, action, target)
|
||||
return policy.check(rule, target, credentials,
|
||||
exc=exceptions.PolicyNotAuthorized, action=action)
|
||||
result = policy.check(rule, target, credentials, action=action)
|
||||
if not result:
|
||||
LOG.debug(_("Failed policy check for '%s'"), action)
|
||||
raise exceptions.PolicyNotAuthorized(action=action)
|
||||
return result
|
||||
|
||||
|
||||
def check_is_admin(context):
|
||||
|
Loading…
Reference in New Issue
Block a user