Remove db layer hard-code permission checks for provider_fw_rule_*

The db calls provider_fw_rule_* is only invoked by nova internal code. There isn't any REST API entry for them. So this patch remove the hard-code permission for them directly. Partially implements bp nova-api-policy-final-part Change-Id: I2b2d5410c37fc2e777a800952b7773669abc5738
2015-07-10 13:44:54 +08:00 · 2015-07-10 13:44:54 +08:00 · 5a2932f609
parent 316a94dd03
commit 5a2932f609
1 changed files with 0 additions and 3 deletions
--- a/nova/db/sqlalchemy/api.py
+++ b/nova/db/sqlalchemy/api.py
@ -4301,7 +4301,6 @@ def security_group_default_rule_list(context):
 ###################


-@require_admin_context
 def provider_fw_rule_create(context, rule):
    fw_rule_ref = models.ProviderFirewallRule()
    fw_rule_ref.update(rule)
@ -4309,12 +4308,10 @@ def provider_fw_rule_create(context, rule):
    return fw_rule_ref


-@require_admin_context
 def provider_fw_rule_get_all(context):
    return model_query(context, models.ProviderFirewallRule).all()


-@require_admin_context
 def provider_fw_rule_destroy(context, rule_id):
    session = get_session()
    with session.begin():