Merge "revert "Ensure that only cloud admins are neutron admins""
This commit is contained in:
commit
0ce27d3575
|
@ -14,6 +14,7 @@
|
|||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
import os
|
||||
import sys
|
||||
import uuid
|
||||
from subprocess import (
|
||||
|
@ -65,6 +66,7 @@ from charmhelpers.contrib.openstack.utils import (
|
|||
|
||||
from neutron_api_utils import (
|
||||
additional_install_locations,
|
||||
ADMIN_POLICY,
|
||||
API_PASTE_INI,
|
||||
api_port,
|
||||
assess_status,
|
||||
|
@ -298,6 +300,11 @@ def config_changed():
|
|||
configure_https()
|
||||
update_nrpe_config()
|
||||
infoblox_changed()
|
||||
# This part can be removed for U.
|
||||
if os.path.exists(ADMIN_POLICY):
|
||||
# Clean 00-admin.json added for bug/1830536. At has been
|
||||
# noticed that it creates regression.
|
||||
os.remove(ADMIN_POLICY)
|
||||
CONFIGS.write_all()
|
||||
if packages_removed and not is_unit_paused_set():
|
||||
log("Package purge detected, restarting services", "INFO")
|
||||
|
|
|
@ -462,13 +462,6 @@ def resource_map(release=None):
|
|||
release = release or os_release('neutron-common')
|
||||
|
||||
resource_map = deepcopy(BASE_RESOURCE_MAP)
|
||||
if CompareOpenStackReleases(release) >= 'queens':
|
||||
resource_map[ADMIN_POLICY] = {
|
||||
'contexts': [
|
||||
neutron_api_context.IdentityServiceContext(
|
||||
service='neutron',
|
||||
service_user='neutron')],
|
||||
'services': ['neutron-server']}
|
||||
if CompareOpenStackReleases(release) >= 'liberty':
|
||||
resource_map.update(LIBERTY_RESOURCE_MAP)
|
||||
|
||||
|
|
|
@ -1,2 +0,0 @@
|
|||
"is_service_project": "project_id:{{ service_project_id }} or domain_id:{{ service_domain_id }}"
|
||||
"context_is_admin": "role:admin and (is_admin_project:True or rule:is_service_project)"
|
|
@ -187,7 +187,7 @@ class TestNeutronAPIUtils(CharmTestCase):
|
|||
_map = nutils.resource_map()
|
||||
confs = [nutils.NEUTRON_CONF, nutils.NEUTRON_DEFAULT,
|
||||
nutils.APACHE_CONF, nutils.NEUTRON_LBAAS_CONF,
|
||||
nutils.NEUTRON_VPNAAS_CONF, nutils.ADMIN_POLICY]
|
||||
nutils.NEUTRON_VPNAAS_CONF]
|
||||
[self.assertIn(q_conf, _map.keys()) for q_conf in confs]
|
||||
self.assertTrue(nutils.APACHE_24_CONF not in _map.keys())
|
||||
|
||||
|
|
Loading…
Reference in New Issue