CORD-1570: Re-implementation of XOS Security via xproto at the API boundary
Change-Id: I9cb6380b0798a5f4af2f0459c5decd0b9edbb317
diff --git a/lib/xos-genx/xosgenx/targets/service.xtarget b/lib/xos-genx/xosgenx/targets/service.xtarget
index 5336f82..bf14b83 100644
--- a/lib/xos-genx/xosgenx/targets/service.xtarget
+++ b/lib/xos-genx/xosgenx/targets/service.xtarget
@@ -73,6 +73,15 @@
policy_{{policy}}_validator(self, None)
{% endfor %}
super({{ m.name }}{{ legacy_tag }}, self).save(*args, **kwds)
+
+ def can_access(self, ctx):
+ {% if m.policy %}
+ verdict = security.{{m.policy}}_security_check(self, ctx)
+ return verdict,"{{ m.policy }}"
+ {% else %}
+ verdict = True
+ return verdict,"xos_default_policy"
+ {% endif %}
{% if file_exists(m.name|lower+'_bottom.py') -%}{{ include_file(m.name|lower+'_bottom.py') }}{% endif %}
{% endfor %}