4ed29c221b
While there is same rule_check in different branchs of a rule, it shouln't
be judged to having cyclical reference.
For example:
'get_properties': 'rule:is_admin or rule:is_observer'
'is_admin': 'rule:is_member'
'is_observer': 'rule:is_member'
In this situation, it shouldn't be judged to haveing cyclical reference.
So that the parameter 'seen' should be passed like this to prevent it from
missing judgement:
get_properties(seen)
|
--------------- Or -------------------
| |
rule:is_admin(seen') rule:is_observer(seen'')
| |
rule:is_member(seen') rule:is_member(seen'')
Change-Id: I904dc60c40b11699c9087e6ebae7aba4d0113dd8
Closes-bug: #1637419
oslo.policy
The Oslo Policy library provides support for RBAC policy enforcement across all OpenStack services.
- Free software: Apache license
- Documentation: http://docs.openstack.org/developer/oslo.policy
- Source: http://git.openstack.org/cgit/openstack/oslo.policy
- Bugs: http://bugs.launchpad.net/oslo.policy