From: Ben Steffen <bds@mit.edu>
Date: Sat, 21 Dec 2019 01:29:20 +0000 (-0500)
Subject: Refactor authz
X-Git-Url: http://xvm.mit.edu/gitweb/invirt/packages/invirt-base.git/commitdiff_plain/refs/heads/2to3?ds=sidebyside

Refactor authz
---

diff --git a/python/invirt/authz.py b/python/invirt/authz.py
index 7471ac1..60bcf67 100644
--- a/python/invirt/authz.py
+++ b/python/invirt/authz.py
@@ -4,7 +4,7 @@ Invirt authorization.
 This module acts as a loader for the pluggable authorization system.
 
 Any Python module which wishes to provide an authorization scheme for
-Invirt should advertise an entry point in the invirt.authz group with
+Invirt should advertise an entry point in the invirt.authz namespace with
 a unique name. That name can then be configured in
 /etc/invirt/master.yaml as the authz mechanism.
 """
@@ -14,12 +14,12 @@ import pkg_resources
 from invirt.config import config
 
 
+authz_module = next(pkg_resources.iter_entry_points('invirt.authz', config['authz.name'])).load()
+
 def expand_owner(name):
-    """Expand an "owner" to a list of authorized users."""
-    for ep in pkg_resources.iter_entry_points('invirt.authz', config['authz.name']):
-        return ep.load().expandOwner(name)
+    """Expand an 'owner' to a list of authorized users."""
+    return authz_module.expandOwner(name)
 
 def expand_admin(name):
-    """Expand an "administrator" to a list of authorized users."""
-    for ep in pkg_resources.iter_entry_points('invirt.authz', config['authz.name']):
-        return ep.load().expandAdmin(name)
+    """Expand an 'administrator' to a list of authorized users."""
+    return authz_module.expandAdmin(name)