Coverage for watcher/api/acl.py: 100%

7 statements  

« prev     ^ index     » next       coverage.py v7.8.2, created at 2025-06-17 12:22 +0000

1# -*- encoding: utf-8 -*- 

2# 

3# Copyright © 2012 New Dream Network, LLC (DreamHost) 

4# Copyright (c) 2016 Intel Corp 

5# 

6# Licensed under the Apache License, Version 2.0 (the "License"); you may 

7# not use this file except in compliance with the License. You may obtain 

8# a copy of the License at 

9# 

10# http://www.apache.org/licenses/LICENSE-2.0 

11# 

12# Unless required by applicable law or agreed to in writing, software 

13# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 

14# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 

15# License for the specific language governing permissions and limitations 

16# under the License. 

17 

18 

19"""Access Control Lists (ACL's) control access the API server.""" 

20 

21from watcher.api.middleware import auth_token 

22from watcher import conf 

23 

24CONF = conf.CONF 

25 

26 

27def install(app, conf, public_routes): 

28 """Install ACL check on application. 

29 

30 :param app: A WSGI application. 

31 :param conf: Settings. Dict'ified and passed to keystonemiddleware 

32 :param public_routes: The list of the routes which will be allowed to 

33 access without authentication. 

34 :return: The same WSGI application with ACL installed. 

35 

36 """ 

37 if not CONF.get('enable_authentication'): 

38 return app 

39 return auth_token.AuthTokenMiddleware(app, 

40 conf=dict(conf.keystone_authtoken), 

41 public_api_routes=public_routes)