66df3a8fef
Currently if target is not passed in context.can(), it use defauls target which is context.user_id, context.project_id. These defaults target are not useful as it pass the context's user_id and project_id only which means we tell oslo policy to verify the context data with context data. This commit pass the actual target for os-instance-usage-audit-log policies which is empty dict because policy rule is system scoped rather than project, so the token scope check deals with the required target checking. Partial implement blueprint policy-defaults-refresh Change-Id: I5584b9bb192dc32c60ba5a83d3bd2de293bbbd27 |
||
---|---|---|
.. | ||
compute | ||
__init__.py | ||
api_version_request.py | ||
auth.py | ||
common.py | ||
identity.py | ||
requestlog.py | ||
urlmap.py | ||
versioned_method.py | ||
wsgi.py | ||
wsgi_app.py |