Merge "Remove deprecated ironic.common.policy.enforce()"

2017-12-20 13:17:18 +00:00 · 2017-12-20 13:17:18 +00:00 · 49b528101a
commit 49b528101a
parent 2924c3efb6 76935af0ef
2 changed files with 0 additions and 41 deletions
--- a/ironic/common/policy.py
+++ b/ironic/common/policy.py
@ -458,8 +458,6 @@ def authorize(rule, target, creds, *args, **kwargs):
    Checks authorization of a rule against the target and credentials, and
    raises an exception if the rule is not defined.
    Always returns true if CONF.auth_strategy == noauth.
-
-    Beginning with the Newton cycle, this should be used in place of 'enforce'.
    """
    if CONF.auth_strategy == 'noauth':
        return True
@ -479,23 +477,3 @@ def check(rule, target, creds, *args, **kwargs):
    """
    enforcer = get_enforcer()
    return enforcer.enforce(rule, target, creds, *args, **kwargs)
-
-
-def enforce(rule, target, creds, do_raise=False, exc=None, *args, **kwargs):
-    """A shortcut for policy.Enforcer.enforce()
-
-    Checks authorization of a rule against the target and credentials.
-    Always returns true if CONF.auth_strategy == noauth.
-
-    """
-    # NOTE(deva): this method is obsoleted by authorize(), but retained for
-    # backwards compatibility in case it has been used downstream.
-    # It may be removed in the Pike cycle.
-    LOG.warning("Deprecation warning: calls to ironic.common.policy.enforce() "
-                "should be replaced with authorize(). This method may be "
-                "removed in a future release.")
-    if CONF.auth_strategy == 'noauth':
-        return True
-    enforcer = get_enforcer()
-    return enforcer.enforce(rule, target, creds, do_raise=do_raise,
-                            exc=exc, *args, **kwargs)
--- a/ironic/tests/unit/common/test_policy.py
+++ b/ironic/tests/unit/common/test_policy.py
@ -118,25 +118,6 @@ class PolicyTestCase(base.TestCase):
            oslo_policy.PolicyNotRegistered,
            policy.authorize, 'has_bar_role', creds, creds)

-    def test_enforce_existing_rule_passes(self):
-        creds = {'roles': ['foo']}
-        self.assertTrue(policy.enforce('has_foo_role', creds, creds))
-
-    def test_enforce_missing_rule_fails(self):
-        creds = {'roles': ['foo']}
-        self.assertFalse(policy.enforce('has_bar_role', creds, creds))
-
-    def test_enforce_existing_rule_fails(self):
-        creds = {'roles': ['bar']}
-        self.assertFalse(policy.enforce('has_foo_role', creds, creds))
-
-    def test_enforce_existing_rule_raises(self):
-        creds = {'roles': ['bar']}
-        self.assertRaises(
-            exception.IronicException,
-            policy.enforce, 'has_foo_role', creds, creds, True,
-            exception.IronicException)
-
    @mock.patch.object(cfg, 'CONF', autospec=True)
    @mock.patch.object(policy, 'get_enforcer', autospec=True)
    def test_get_oslo_policy_enforcer_no_args(self, mock_gpe, mock_cfg):