)]}'
{"openstack_auth/policy.py":[{"author":{"_account_id":29313,"name":"Vishal Manchanda","email":"manchandavishal143@gmail.com","username":"vishalmanchanda"},"change_message_id":"3d4f8211613e1773c793d720ffa80011aa8f84d6","unresolved":false,"context_lines":[{"line_number":64,"context_line":"            policy_file, policy_dirs \u003d _get_policy_file_with_full_path(service)"},{"line_number":65,"context_line":"            conf \u003d _get_policy_conf(policy_file, policy_dirs)"},{"line_number":66,"context_line":"            enforcer \u003d policy.Enforcer(conf)"},{"line_number":67,"context_line":"            try:"},{"line_number":68,"context_line":"                enforcer.load_rules()"},{"line_number":69,"context_line":"            except IOError:"},{"line_number":70,"context_line":"                # Just in case if we have permission denied error which is not"},{"line_number":71,"context_line":"                # handled by oslo.policy now. It will handled in the code like"},{"line_number":72,"context_line":"                # we don\u0027t have any policy file: allow action from the Horizon"},{"line_number":73,"context_line":"                # side."},{"line_number":74,"context_line":"                pass"},{"line_number":75,"context_line":"            # Ensure enforcer.rules is populated."},{"line_number":76,"context_line":"            if enforcer.rules:"},{"line_number":77,"context_line":"                LOG.debug(\"adding enforcer for service: %s\", service)"}],"source_content_type":"text/x-python","patch_set":1,"id":"7faddb67_487551cb","line":74,"range":{"start_line":67,"start_character":0,"end_line":74,"end_character":20},"updated":"2019-09-03 11:30:28.000000000","message":"Since the oslo.policy code uses ConfigFilesNotFoundError[1] for handling files not found, i think we should use ConfigFilesPermissionDeniedError[2].\nAlso if this error ocurred in horizon, it might occur in cinder and nova too since they also don\u0027t handle this exception.\nThe optimal fix of this would be to fix it in oslo.policy code.\n[1] https://github.com/openstack/oslo.policy/blob/master/oslo_policy/policy.py#L560\n[2] https://github.com/openstack/oslo.config/blob/0bc22839b09fcd7ae2de4f7fe5d63ac055fd0a78/oslo_config/cfg.py#L171-L179","commit_id":"115db20ba07556ae0c4111bb184cdd02cd5908cf"},{"author":{"_account_id":841,"name":"Akihiro Motoki","email":"amotoki@gmail.com","username":"amotoki"},"change_message_id":"e7f2ed173da28954baa554dad4188074d75fa12b","unresolved":false,"context_lines":[{"line_number":64,"context_line":"            policy_file, policy_dirs \u003d _get_policy_file_with_full_path(service)"},{"line_number":65,"context_line":"            conf \u003d _get_policy_conf(policy_file, policy_dirs)"},{"line_number":66,"context_line":"            enforcer \u003d policy.Enforcer(conf)"},{"line_number":67,"context_line":"            try:"},{"line_number":68,"context_line":"                enforcer.load_rules()"},{"line_number":69,"context_line":"            except IOError:"},{"line_number":70,"context_line":"                # Just in case if we have permission denied error which is not"},{"line_number":71,"context_line":"                # handled by oslo.policy now. It will handled in the code like"},{"line_number":72,"context_line":"                # we don\u0027t have any policy file: allow action from the Horizon"},{"line_number":73,"context_line":"                # side."},{"line_number":74,"context_line":"                pass"},{"line_number":75,"context_line":"            # Ensure enforcer.rules is populated."},{"line_number":76,"context_line":"            if enforcer.rules:"},{"line_number":77,"context_line":"                LOG.debug(\"adding enforcer for service: %s\", service)"}],"source_content_type":"text/x-python","patch_set":1,"id":"3fa7e38b_22090295","line":74,"range":{"start_line":67,"start_character":0,"end_line":74,"end_character":20},"in_reply_to":"7faddb67_0bfd13b1","updated":"2019-09-26 15:28:51.000000000","message":"It is nice if some warning message is logged.","commit_id":"115db20ba07556ae0c4111bb184cdd02cd5908cf"},{"author":{"_account_id":1736,"name":"Ivan Kolodyazhny","email":"e0ne@e0ne.info","username":"e0ne"},"change_message_id":"1d8afb5ea1ada27f2f728a597ec4645288b0e0c6","unresolved":false,"context_lines":[{"line_number":64,"context_line":"            policy_file, policy_dirs \u003d _get_policy_file_with_full_path(service)"},{"line_number":65,"context_line":"            conf \u003d _get_policy_conf(policy_file, policy_dirs)"},{"line_number":66,"context_line":"            enforcer \u003d policy.Enforcer(conf)"},{"line_number":67,"context_line":"            try:"},{"line_number":68,"context_line":"                enforcer.load_rules()"},{"line_number":69,"context_line":"            except IOError:"},{"line_number":70,"context_line":"                # Just in case if we have permission denied error which is not"},{"line_number":71,"context_line":"                # handled by oslo.policy now. It will handled in the code like"},{"line_number":72,"context_line":"                # we don\u0027t have any policy file: allow action from the Horizon"},{"line_number":73,"context_line":"                # side."},{"line_number":74,"context_line":"                pass"},{"line_number":75,"context_line":"            # Ensure enforcer.rules is populated."},{"line_number":76,"context_line":"            if enforcer.rules:"},{"line_number":77,"context_line":"                LOG.debug(\"adding enforcer for service: %s\", service)"}],"source_content_type":"text/x-python","patch_set":1,"id":"7faddb67_0bfd13b1","line":74,"range":{"start_line":67,"start_character":0,"end_line":74,"end_character":20},"in_reply_to":"7faddb67_487551cb","updated":"2019-09-03 11:58:58.000000000","message":"Thank for the suggestion Vishal.\n\nUnfortunately, we can\u0027t just change [1] to get everything working. I need to dig deeper to understand how can it be handled in oslo.policy. Until it, I would like to get the fix landed in Horizon.\n\nAnyway, it\u0027s a community decision to approve this patch or not.","commit_id":"115db20ba07556ae0c4111bb184cdd02cd5908cf"},{"author":{"_account_id":841,"name":"Akihiro Motoki","email":"amotoki@gmail.com","username":"amotoki"},"change_message_id":"60bbb48d5e92fb8cbeb9463155335be45a151538","unresolved":false,"context_lines":[{"line_number":73,"context_line":"                # side."},{"line_number":74,"context_line":"                LOG.warning(\"Cannot load a policy file \u0027%s\u0027 for service \u0027%s\u0027 \""},{"line_number":75,"context_line":"                            \"due to IOError. One possible reason is \""},{"line_number":76,"context_line":"                            \"permission defined\", policy_file, service)"},{"line_number":77,"context_line":"            # Ensure enforcer.rules is populated."},{"line_number":78,"context_line":"            if enforcer.rules:"},{"line_number":79,"context_line":"                LOG.debug(\"adding enforcer for service: %s\", service)"}],"source_content_type":"text/x-python","patch_set":3,"id":"3fa7e38b_c5103851","line":76,"range":{"start_line":76,"start_character":40,"end_line":76,"end_character":47},"updated":"2019-09-26 15:44:02.000000000","message":"- typo: defined -\u003e denied (my bad!!)\n- A period is needed at the end.","commit_id":"339000fef51f948924be42a10a4d06ee79538693"}]}