Policy.json should be defined by user
User can override and add values to policy.json by creating flat
key-value structure under glance:server:policy.
Change-Id: I4db6b17ab1ff925aa20cd3565417a4b35ed4561e
diff --git a/glance/server.sls b/glance/server.sls
index b9f7bc9..46215f1 100644
--- a/glance/server.sls
+++ b/glance/server.sls
@@ -210,19 +210,28 @@
{%- endfor %}
-{%- if server.policy is defined %}
+{%- for name, rule in server.get('policy', {}).iteritems() %}
-{%- for key, policy in server.policy.iteritems() %}
+{%- if rule != None %}
+rule_{{ name }}_present:
+ keystone_policy.rule_present:
+ - path: /etc/glance/policy.json
+ - name: {{ name }}
+ - rule: {{ rule }}
+ - require:
+ - pkg: glance_packages
-policy_{{ key }}:
- file.replace:
- - name: /etc/glance/policy.json
- - pattern: "[\"']{{ key }}[\"']:.*"
- {# unfortunatately there's no jsonify filter so we have to do magic :-( #}
- - repl: '"{{ key }}": {% if policy is iterable %}[{%- for rule in policy %}"{{ rule }}"{% if not loop.last %}, {% endif %}{%- endfor %}]{%- else %}"{{ policy }}"{%- endif %},'
+{%- else %}
-{%- endfor %}
+rule_{{ name }}_absent:
+ keystone_policy.rule_absent:
+ - path: /etc/glance/policy.json
+ - name: {{ name }}
+ - require:
+ - pkg: glance_packages
{%- endif %}
+{%- endfor %}
+
{%- endif %}