Elena Ezhova d841516fb5 Forbid regular users to reset admin-only attrs to default values ...

A regular user can reset an admin-only attribute to its default
value due to the fact that a corresponding policy rule is
enforced only in the case when an attribute is present in the
target AND has a non-default value.

Added a new attribute "attributes_to_update" which contains a list
of all to-be updated attributes to the body of the target that is
passed to policy.enforce.

Changed a check for whether an attribute is explicitly set.
Now, in the case of update, the function should not pay attention
to a default value of an attribute, but check whether it was
explicitly marked as being updated.

Added unit-tests.

Closes-Bug: #1357379
Related-Bug: #1338880
Change-Id: I6537bb1da5ef0d6899bc71e4e949f2c760c103c2

2014-09-23 15:18:51 +04:00

..

__init__.py

Update License Headers to replace Nicira with VMware

2014-02-27 08:11:15 +00:00

config.py

Remove unused arg to config.setup_logging()

2014-09-05 12:05:17 +10:00

constants.py

Forbid regular users to reset admin-only attrs to default values

2014-09-23 15:18:51 +04:00

exceptions.py

Tunnel ID range validation for VXLAN/GRE networks

2014-09-15 08:41:09 -07:00

ipv6_utils.py

Check for IPv6 file before reading

2014-08-27 08:04:11 -07:00

log.py

Remove @author(s) from copyright statements

2014-09-15 21:40:09 +09:00

rpc.py

Removed direct access to MessagingServer

2014-09-08 16:13:53 +00:00

test_lib.py

Remove the useless vim modelines

2014-06-21 15:07:31 +08:00

topics.py

RPC additions to support DVR

2014-07-17 11:45:45 -07:00

utils.py

Merge "Fix DVR to service DHCP Ports"

2014-09-16 13:26:05 +00:00