keystone.policy.backends.rules module

Policy engine for keystone.

class keystone.policy.backends.rules.Policy[source]

Bases: PolicyDriverBase

create_policy(policy_id, policy)[source]

Store a policy blob.

Raises:

keystone.exception.Conflict – If a duplicate policy exists.

delete_policy(policy_id)[source]

Remove a policy blob.

Raises:

keystone.exception.PolicyNotFound – If the policy doesn’t exist.

enforce(credentials, action, target)[source]

Verify that a user is authorized to perform action.

For more information on a full implementation of this see: keystone.policy.backends.rules.Policy.enforce

get_policy(policy_id)[source]

Retrieve a specific policy blob.

Raises:

keystone.exception.PolicyNotFound – If the policy doesn’t exist.

list_policies()[source]

List all policies.

update_policy(policy_id, policy)[source]

Update a policy blob.

Raises:

keystone.exception.PolicyNotFound – If the policy doesn’t exist.