a4906a4f57
sysinv files were being imported to provide authentication features like policy enforcement and request contexts. Those are now replaced with oslo imports. Test Plan: (Debian) PASS: AIO-DX bootstrap/unlock PASS: CLI upload/apply/host-install RR patch PASS: Horizon patching operations work PASS: NFV patching operations work PASS: no (new) errors in patching logs Story: 2009969 Task: 45998 Signed-off-by: Al Bailey <al.bailey@windriver.com> Change-Id: I15d80441201755673f827529469a7f4feaa7f0ee
28 lines
914 B
Python
Executable File
28 lines
914 B
Python
Executable File
#
|
|
# Copyright (c) 2014-2022 Wind River Systems, Inc.
|
|
#
|
|
# SPDX-License-Identifier: Apache-2.0
|
|
#
|
|
|
|
"""Access Control Lists (ACL's) control access the API server."""
|
|
from cgcs_patch.authapi import auth_token
|
|
|
|
OPT_GROUP_NAME = 'keystone_authtoken'
|
|
OPT_GROUP_PROVIDER = 'keystonemiddleware.auth_token'
|
|
|
|
|
|
def install(app, conf, public_routes):
|
|
"""Install ACL check on application.
|
|
|
|
:param app: A WSGI application.
|
|
:param conf: Settings. Must include OPT_GROUP_NAME section.
|
|
:param public_routes: The list of the routes which will be allowed
|
|
access without authentication.
|
|
:return: The same WSGI application with ACL installed.
|
|
|
|
"""
|
|
keystone_config = dict(conf.get(OPT_GROUP_NAME))
|
|
return auth_token.AuthTokenMiddleware(app,
|
|
conf=keystone_config,
|
|
public_api_routes=public_routes)
|