Remove db layer hard-code permission checks for provider_fw_rule_*
The db calls provider_fw_rule_* is only invoked by nova internal code. There isn't any REST API entry for them. So this patch remove the hard-code permission for them directly. Partially implements bp nova-api-policy-final-part Change-Id: I2b2d5410c37fc2e777a800952b7773669abc5738
This commit is contained in:
parent
316a94dd03
commit
5a2932f609
|
@ -4301,7 +4301,6 @@ def security_group_default_rule_list(context):
|
|||
###################
|
||||
|
||||
|
||||
@require_admin_context
|
||||
def provider_fw_rule_create(context, rule):
|
||||
fw_rule_ref = models.ProviderFirewallRule()
|
||||
fw_rule_ref.update(rule)
|
||||
|
@ -4309,12 +4308,10 @@ def provider_fw_rule_create(context, rule):
|
|||
return fw_rule_ref
|
||||
|
||||
|
||||
@require_admin_context
|
||||
def provider_fw_rule_get_all(context):
|
||||
return model_query(context, models.ProviderFirewallRule).all()
|
||||
|
||||
|
||||
@require_admin_context
|
||||
def provider_fw_rule_destroy(context, rule_id):
|
||||
session = get_session()
|
||||
with session.begin():
|
||||
|
|
Loading…
Reference in New Issue