From f3f85fa2c43c71791b3bba5c2abd52ff3b8cc128 Mon Sep 17 00:00:00 2001
From: Brian Haley <haleyb.dev@gmail.com>
Date: Mon, 14 Apr 2025 22:48:03 -0400
Subject: [PATCH] Remove deprecated plugin argument from policy calls

The plugin argument for policy check() and enforce() calls
is unused and considered deprecated since before quantum
was renamed neutron. Remove it and fix the places it was
being passed.

TrivialFix

Change-Id: Ifd02449e6956251ffbc7804745302c97664c0534
---
 neutron/api/v2/base.py                         | 2 +-
 neutron/extensions/quotasv2.py                 | 3 +--
 neutron/pecan_wsgi/hooks/policy_enforcement.py | 2 --
 neutron/policy.py                              | 9 ++-------
 4 files changed, 4 insertions(+), 12 deletions(-)

diff --git a/neutron/api/v2/base.py b/neutron/api/v2/base.py
index 48313267a1d..e867d43111f 100644
--- a/neutron/api/v2/base.py
+++ b/neutron/api/v2/base.py
@@ -326,7 +326,7 @@ class Controller:
                     request, obj, parent_id, is_get=True)
                 if policy.check(
                         request.context, self._plugin_handlers[self.SHOW],
-                        obj, plugin=self._plugin, pluralized=self._collection):
+                        obj, pluralized=self._collection):
                     tmp_list.append(obj)
             obj_list = tmp_list
         # Use the first element in the list for discriminating which attributes
diff --git a/neutron/extensions/quotasv2.py b/neutron/extensions/quotasv2.py
index 1c6e1c882ca..066481987ec 100644
--- a/neutron/extensions/quotasv2.py
+++ b/neutron/extensions/quotasv2.py
@@ -51,8 +51,7 @@ LOG = logging.getLogger(__name__)
 def validate_policy(context, policy_name):
     policy.enforce(context,
                    policy_name,
-                   target={'project_id': context.project_id},
-                   plugin=None)
+                   target={'project_id': context.project_id})
 
 
 class QuotaSetsController(wsgi.Controller):
diff --git a/neutron/pecan_wsgi/hooks/policy_enforcement.py b/neutron/pecan_wsgi/hooks/policy_enforcement.py
index a6b469edc40..08c2b320065 100644
--- a/neutron/pecan_wsgi/hooks/policy_enforcement.py
+++ b/neutron/pecan_wsgi/hooks/policy_enforcement.py
@@ -174,14 +174,12 @@ class PolicyHook(hooks.PecanHook):
         # in the single case, we enforce which raises on violation
         # in the plural case, we just check so violating items are hidden
         policy_method = policy.enforce if is_single else policy.check
-        plugin = manager.NeutronManager.get_plugin_for_resource(collection)
         try:
             resp = [self._get_filtered_item(state.request, controller,
                                             resource, collection, item)
                     for item in to_process
                     if (state.request.method != 'GET' or
                         policy_method(neutron_context, action, item,
-                                      plugin=plugin,
                                       pluralized=collection))]
         except (oslo_policy.PolicyNotAuthorized, oslo_policy.InvalidScope):
             # This exception must be explicitly caught as the exception
diff --git a/neutron/policy.py b/neutron/policy.py
index 9e631baa40b..0d4e93bf885 100644
--- a/neutron/policy.py
+++ b/neutron/policy.py
@@ -464,8 +464,7 @@ def log_rule_list(match_rule):
         LOG.debug("Enforcing rules: %s", rules)
 
 
-def check(context, action, target, plugin=None, might_not_exist=False,
-          pluralized=None):
+def check(context, action, target, might_not_exist=False, pluralized=None):
     """Verifies that the action is valid on the target in this context.
 
     :param context: neutron context
@@ -474,8 +473,6 @@ def check(context, action, target, plugin=None, might_not_exist=False,
     :param target: dictionary representing the object of the action
         for object creation this should be a dictionary representing the
         location of the object e.g. ``{'project_id': context.project_id}``
-    :param plugin: currently unused and deprecated.
-        Kept for backward compatibility.
     :param might_not_exist: If True the policy check is skipped (and the
         function returns True) if the specified policy does not exist.
         Defaults to false.
@@ -504,7 +501,7 @@ def check(context, action, target, plugin=None, might_not_exist=False,
                              pluralized=pluralized)
 
 
-def enforce(context, action, target, plugin=None, pluralized=None):
+def enforce(context, action, target, pluralized=None):
     """Verifies that the action is valid on the target in this context.
 
     :param context: neutron context
@@ -513,8 +510,6 @@ def enforce(context, action, target, plugin=None, pluralized=None):
     :param target: dictionary representing the object of the action
         for object creation this should be a dictionary representing the
         location of the object e.g. ``{'project_id': context.project_id}``
-    :param plugin: currently unused and deprecated.
-        Kept for backward compatibility.
     :param pluralized: pluralized case of resource
         e.g. firewall_policy -> pluralized = "firewall_policies"