review.fuel-infra Code Review - openstack-build/neutron-build.git/commit

author	Salvatore Orlando <salv.orlando@gmail.com>
	Thu, 14 Mar 2013 17:47:51 +0000 (18:47 +0100)
committer	Salvatore Orlando <salv.orlando@gmail.com>
	Mon, 29 Apr 2013 10:12:21 +0000 (12:12 +0200)
commit	4d6f02440b7d337b7aac6ba313ee7e60ecc53214
tree	5fd8d6a005f8dac8300163c6195316a35184b7d3	tree \| snapshot
parent	07299e34d028476b2e69b5d7905bdcde478ce988	commit \| diff

Remove calls to policy.enforce from plugin and db logic

Blueprint make-authz-orthogonal

This patch implementes item #2 of the blueprint
Remove calls to policy.enforce when the policy check can be performed
safely at the API level, and modify policy.json to this aim.
This patch does not address enforce calls in the agent scheduler
extension, as that extension is currently not defined as a quantum.v2.api
resource class.
This patch also adds an API-level test case for the provider networks
extension, which was missing in Quantum and was necessary to validate
the API behaviour with the default policy settings.

Change-Id: I1c20a5870279bc5fce4470c90a210eae59675b0c

etc/policy.json		diff \| blob \| history
quantum/db/l3_db.py		diff \| blob \| history
quantum/extensions/providernet.py		diff \| blob \| history
quantum/extensions/servicetype.py		diff \| blob \| history
quantum/openstack/common/policy.py		diff \| blob \| history
quantum/plugins/bigswitch/plugin.py		diff \| blob \| history
quantum/plugins/hyperv/hyperv_quantum_plugin.py		diff \| blob \| history
quantum/plugins/linuxbridge/lb_quantum_plugin.py		diff \| blob \| history
quantum/plugins/nec/nec_plugin.py		diff \| blob \| history
quantum/plugins/nicira/QuantumPlugin.py		diff \| blob \| history
quantum/plugins/nicira/extensions/nvp_qos.py		diff \| blob \| history
quantum/plugins/openvswitch/ovs_quantum_plugin.py		diff \| blob \| history
quantum/tests/unit/test_extension_pnet.py	[new file with mode: 0644]	blob