The openstack_dashboard.policy ModuleΒΆ

Policy engine for Horizon

openstack_dashboard.policy.check(actions, request, target={})[source]

Check user permission.

Check if the user has permission to the action according to policy setting.

Parameters:
  • actions

    list of scope and action to do policy checks on, the composition of which is (scope, action)

    • scope: service type managing the policy for action
    • action: string representing the action to be checked
      this should be colon separated for clarity. i.e.
      compute:create_instance
      compute:attach_volume
      volume:attach_volume

    for a policy action that requires a single action, actions should look like

    “((“compute”, “compute:create_instance”),)”
    for a multiple action check, actions should look like
    “((“identity”, “identity:list_users”),
    (“identity”, “identity:list_roles”))”
  • request – django http request object. If not specified, credentials must be passed.
  • target – dictionary representing the object of the action for object creation this should be a dictionary representing the location of the object e.g. {‘tenant_id’: object.tenant_id}
Returns:

boolean if the user has permission or not for the actions.

openstack_dashboard.policy.reset()[source]

Previous topic

The openstack_dashboard.hooks Module

Next topic

The openstack_dashboard.context_processors Module

This Page