diff --git a/etc/policy.json.sample b/etc/policy.json.sample index 89d507675..df6c63832 100644 --- a/etc/policy.json.sample +++ b/etc/policy.json.sample @@ -9,6 +9,7 @@ "queues:delete": "", "queues:update": "", "queues:stats": "", + "queues:share": "", "messages:get_all": "", "messages:create": "", diff --git a/zaqar/tests/etc/policy.json b/zaqar/tests/etc/policy.json index 89d507675..df6c63832 100644 --- a/zaqar/tests/etc/policy.json +++ b/zaqar/tests/etc/policy.json @@ -9,6 +9,7 @@ "queues:delete": "", "queues:update": "", "queues:stats": "", + "queues:share": "", "messages:get_all": "", "messages:create": "", diff --git a/zaqar/transport/wsgi/v2_0/stats.py b/zaqar/transport/wsgi/v2_0/stats.py index 9f2366628..a86052b6a 100644 --- a/zaqar/transport/wsgi/v2_0/stats.py +++ b/zaqar/transport/wsgi/v2_0/stats.py @@ -18,6 +18,7 @@ import six from zaqar.i18n import _ from zaqar.storage import errors as storage_errors +from zaqar.transport import acl from zaqar.transport import utils from zaqar.transport.wsgi import errors as wsgi_errors @@ -32,6 +33,7 @@ class Resource(object): def __init__(self, queue_controller): self._queue_ctrl = queue_controller + @acl.enforce("queues:stats") def on_get(self, req, resp, project_id, queue_name): try: resp_dict = self._queue_ctrl.stats(queue_name, diff --git a/zaqar/transport/wsgi/v2_0/urls.py b/zaqar/transport/wsgi/v2_0/urls.py index d1d94eacb..76aa269de 100644 --- a/zaqar/transport/wsgi/v2_0/urls.py +++ b/zaqar/transport/wsgi/v2_0/urls.py @@ -19,6 +19,7 @@ import six from zaqar.common import urls from zaqar.i18n import _LE +from zaqar.transport import acl from zaqar.transport import utils from zaqar.transport.wsgi import errors as wsgi_errors from zaqar.transport.wsgi import utils as wsgi_utils @@ -38,6 +39,7 @@ class Resource(object): self._driver = driver self._conf = driver._conf + @acl.enforce("queues:share") def on_post(self, req, resp, project_id, queue_name): LOG.debug(u'Pre-Signed URL Creation for queue: %(queue)s, ' u'project: %(project)s',