The admin role judge exception caused the policy to fail
1. What is the problem? Caused the policy to fail When use 'admin' role to create pod, Error response is "Unauthorized to create pods". 2. What is the solution to the problem? In context, the 'HTTP_X_ROLE' maybe include mutilple role, so use 'admin' in environ.get('HTTP_X_ROLE') to judge rather than equality. Change-Id: If0a765603e56e0325a31f7a3e0202f52fd1cbe38
This commit is contained in:
parent
c2dcd4f660
commit
bcc307ae5b
|
@ -119,7 +119,7 @@ def _extract_context_from_environ(environ):
|
|||
context_paras[key] = environ.get(context_paras[key])
|
||||
role = environ.get('HTTP_X_ROLE')
|
||||
# TODO(zhiyuan): replace with policy check
|
||||
context_paras['is_admin'] = role == 'admin'
|
||||
context_paras['is_admin'] = 'admin' in role.split(',') if role else False
|
||||
return t_context.Context(**context_paras)
|
||||
|
||||
|
||||
|
|
|
@ -55,7 +55,7 @@ def extract_context_from_environ():
|
|||
context_paras[key] = environ.get(context_paras[key])
|
||||
role = environ.get('HTTP_X_ROLE')
|
||||
|
||||
context_paras['is_admin'] = role == 'admin'
|
||||
context_paras['is_admin'] = 'admin' in role.split(',') if role else False
|
||||
return Context(**context_paras)
|
||||
|
||||
|
||||
|
|
Loading…
Reference in New Issue