review.fuel-infra Code Review - openstack-build/neutron-build.git/commit

author	Salvatore Orlando <salv.orlando@gmail.com>
	Fri, 17 Apr 2015 23:59:42 +0000 (16:59 -0700)
committer	Salvatore Orlando <salv.orlando@gmail.com>
	Thu, 23 Apr 2015 14:10:34 +0000 (07:10 -0700)
commit	4625c45a30ffe09fbd29c16337e64e264de75bd8
tree	4a2eb153cce0c019d6eaf50bf151aff5ceef9afd	tree \| snapshot
parent	cdd73ba053edd0df8fe9a916030cd80f630e183c	commit \| diff

Remove backward compatibility for check_is_admin

This routine in policy.py used to have a backward compatibility
check to ensure proper behaviour even when the policy.json file
did not have a specific 'context_is_admin' policy.
However, this backward compatibility check does not work. It
appears indeed that it has been broken for several release cycles;
it is also possible that actually it never worked.
When the 'context_is_admin' policy is not in the policy.json file
the enforcer simply ends up evaluating whatever is the default
policy configured there.

Therefore this patch:
- Removes the backward compatibility check, since it does not work
- Fails, for safety, check_is_admin if 'context_is_admin' policy is
  not specified
- Fixeds check_is_advsvc in the same way (the backward compatibility
  check never made any sense for this function)
- Fixes unit tests adding appropriate tests for check_is_admin and
  check_is_advsvc

Change-Id: Ia47e5781d86a3f21b9d837c9ac70a62ac435d20b
Closes-Bug: #1445690

neutron/policy.py		diff \| blob \| history
neutron/tests/unit/test_policy.py		diff \| blob \| history