The heat.common.policy Module

Policy Engine For Heat

class heat.common.policy.Enforcer(scope='heat', exc=<class 'heat.common.exception.Forbidden'>)[source]

Bases: object

Responsible for loading and enforcing rules

check(context, action, target)[source]

Verifies that the action is valid on the target in this context.

Parameters:
  • context – Heat request context
  • action – String representing the action to be checked
  • object – Dictionary representing the object of the action.
Returns:

A non-False value if access is allowed.
enforce(context, action, target)[source]

Verifies that the action is valid on the target in this context.

Parameters:
  • context – Heat request context
  • action – String representing the action to be checked
  • object – Dictionary representing the object of the action.
Raises :

self.exc (defaults to heat.common.exception.Forbidden)
Returns:

A non-False value if access is allowed.
load_rules()[source]

Set the rules found in the json file on disk

set_rules(rules)[source]

Create a new Rules object based on the provided dict of rules

This Page

Navigation

© Copyright 2012,2013 Heat Developers. Created using Sphinx 1.1.3.