Rewrite rbac tests to use Authorizer middleware

author: Michael Gundlach <michael.gundlach@rackspace.com> 2010-09-21 16:57:08 -0400
committer: Michael Gundlach <michael.gundlach@rackspace.com> 2010-09-21 16:57:08 -0400
commit: 84fbfe09e10b330a5668e99422247801f370d0f9 (patch)
tree: 7d548f28d56be5e10604a16f85a0a219539550b2 /nova/api
parent: d6104d8302057d45fa150079b5911f941cc311ce (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/nova/api/ec2/__init__.py b/nova/api/ec2/__init__.py
index a7b10e428..b041787c2 100644
--- a/nova/api/ec2/__init__.py
+++ b/nova/api/ec2/__init__.py
@@ -25,6 +25,7 @@ import webob.dec
 import webob.exc
 
 from nova import exception
+from nova import flags
 from nova import wsgi
 from nova.api.ec2 import apirequest
 from nova.api.ec2 import context
@@ -33,6 +34,7 @@ from nova.api.ec2 import cloud
 from nova.auth import manager
 
 
+FLAGS = flags.FLAGS
 _log = logging.getLogger("api")
 _log.setLevel(logging.DEBUG)
 
@@ -176,6 +178,7 @@ class Authorizer(wsgi.Middleware):
         controller_name = req.environ['ec2.controller'].__class__.__name__
         action = req.environ['ec2.action']
         allowed_roles = self.action_roles[controller_name].get(action, [])
+        allowed_roles.extend(FLAGS.superuser_roles)
         if self._matches_any_role(context, allowed_roles):
             return self.application
         else:
author	Michael Gundlach <michael.gundlach@rackspace.com>	2010-09-21 16:57:08 -0400
committer	Michael Gundlach <michael.gundlach@rackspace.com>	2010-09-21 16:57:08 -0400
commit	84fbfe09e10b330a5668e99422247801f370d0f9 (patch)
tree	7d548f28d56be5e10604a16f85a0a219539550b2 /nova/api
parent	d6104d8302057d45fa150079b5911f941cc311ce (diff)