openstack/horizon
Code Issues Proposed changes

Merge "Handle Permission Denied for policy files"

Browse Source
This commit is contained in:
Zuul 2019-09-26 18:39:54 +00:00 committed by Gerrit Code Review
commit e1d2a8dfb3
1 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
openstack_auth/policy.py
View File

@ -64,7 +64,16 @@ def _get_enforcer():
policy_file, policy_dirs = _get_policy_file_with_full_path(service) policy_file, policy_dirs = _get_policy_file_with_full_path(service)
conf = _get_policy_conf(policy_file, policy_dirs) conf = _get_policy_conf(policy_file, policy_dirs)
enforcer = policy.Enforcer(conf) enforcer = policy.Enforcer(conf)
enforcer.load_rules() try:
enforcer.load_rules()
except IOError:
# Just in case if we have permission denied error which is not
# handled by oslo.policy now. It will handled in the code like
# we don't have any policy file: allow action from the Horizon
# side.
LOG.warning("Cannot load a policy file '%s' for service '%s' "
"due to IOError. One possible reason is "
"permission denied.", policy_file, service)
# Ensure enforcer.rules is populated. # Ensure enforcer.rules is populated.
if enforcer.rules: if enforcer.rules:
LOG.debug("adding enforcer for service: %s", service) LOG.debug("adding enforcer for service: %s", service)