From 95f677d7f3d134896b8c216b7f2a5d71cc64cd2f Mon Sep 17 00:00:00 2001 From: Salvatore Orlando Date: Fri, 15 Mar 2013 01:31:31 +0100 Subject: [PATCH] Fix typo in policy.json and checks in nicira plugin Bug 1155379 This patch removes extra colons from policy.json. Also, it fixes some checks in the nicira plugin which were not passing correctly the target resource for the policy engine. Change-Id: I89a1d170818173eaa90b50158289a06455febadc --- etc/policy.json | 6 +++--- quantum/plugins/nicira/nicira_nvp_plugin/QuantumPlugin.py | 8 +++----- 2 files changed, 6 insertions(+), 8 deletions(-) diff --git a/etc/policy.json b/etc/policy.json index aa18ba6e10..f2c304b484 100644 --- a/etc/policy.json +++ b/etc/policy.json @@ -51,9 +51,9 @@ "delete_service_type": "rule:admin_only", "get_service_type": "rule:regular_user", - "create_qos_queue:": "rule:admin_only", - "get_qos_queue:": "rule:admin_only", - "get_qos_queues:": "rule:admin_only", + "create_qos_queue": "rule:admin_only", + "get_qos_queue": "rule:admin_only", + "get_qos_queues": "rule:admin_only", "update_agent": "rule:admin_only", "delete_agent": "rule:admin_only", diff --git a/quantum/plugins/nicira/nicira_nvp_plugin/QuantumPlugin.py b/quantum/plugins/nicira/nicira_nvp_plugin/QuantumPlugin.py index c5a2780bd7..abc9ac191f 100644 --- a/quantum/plugins/nicira/nicira_nvp_plugin/QuantumPlugin.py +++ b/quantum/plugins/nicira/nicira_nvp_plugin/QuantumPlugin.py @@ -2208,10 +2208,9 @@ class NvpPluginV2(db_base_plugin_v2.QuantumDbPluginV2, sgrid) def create_qos_queue(self, context, qos_queue, check_policy=True): - if check_policy: - self._enforce_set_auth(context, qos_queue, - ext_qos.qos_queue_create) q = qos_queue.get('qos_queue') + if check_policy: + self._enforce_set_auth(context, q, ext_qos.qos_queue_create) self._validate_qos_queue(context, q) q['id'] = nvplib.create_lqueue(self.default_cluster, self._nvp_lqueue(q)) @@ -2229,8 +2228,7 @@ class NvpPluginV2(db_base_plugin_v2.QuantumDbPluginV2, return super(NvpPluginV2, self).delete_qos_queue(context, id) def get_qos_queue(self, context, id, fields=None): - if not self._check_view_auth(context, {'qos_queue': None}, - ext_qos.qos_queue_get): + if not self._check_view_auth(context, {}, ext_qos.qos_queue_get): # don't want the user to find out that they guessed the right id # so we raise not found if the policy.json file doesn't allow them raise ext_qos.QueueNotFound(id=id)