Recent versions of oslo policy allow the use of a policy.d to break up
policy in a more user understandable way. Nova is going to use this in
Kilo to break out v2 and v2.1 API policy definitions.
This provides a unified helper for installing sample policies. It
makes some assumptions on project directory structure. Porting other
projects to use this can happen in the future.
Change-Id: Iec23b095176332414faf76a9c329f8bb5f3aa6c3
... | ... |
@@ -787,6 +787,28 @@ function get_field { |
787 | 787 |
done |
788 | 788 |
} |
789 | 789 |
|
790 |
+# install default policy |
|
791 |
+# copy over a default policy.json and policy.d for projects |
|
792 |
+function install_default_policy { |
|
793 |
+ local project=$1 |
|
794 |
+ local project_uc=$(echo $1|tr a-z A-Z) |
|
795 |
+ local conf_dir="${project_uc}_CONF_DIR" |
|
796 |
+ # eval conf dir to get the variable |
|
797 |
+ conf_dir="${!conf_dir}" |
|
798 |
+ local project_dir="${project_uc}_DIR" |
|
799 |
+ # eval project dir to get the variable |
|
800 |
+ project_dir="${!project_dir}" |
|
801 |
+ local sample_conf_dir="${project_dir}/etc/${project}" |
|
802 |
+ local sample_policy_dir="${project_dir}/etc/${project}/policy.d" |
|
803 |
+ |
|
804 |
+ # first copy any policy.json |
|
805 |
+ cp -p $sample_conf_dir/policy.json $conf_dir |
|
806 |
+ # then optionally copy over policy.d |
|
807 |
+ if [[ -d $sample_policy_dir ]]; then |
|
808 |
+ cp -r $sample_policy_dir $conf_dir/policy.d |
|
809 |
+ fi |
|
810 |
+} |
|
811 |
+ |
|
790 | 812 |
# Add a policy to a policy.json file |
791 | 813 |
# Do nothing if the policy already exists |
792 | 814 |
# ``policy_add policy_file policy_name policy_permissions`` |