Merge "Implement system scoped RBAC for node and driver passthru"
This commit is contained in:
commit
34d9805b9f
|
@ -956,39 +956,71 @@ driver_policies = [
|
||||||
),
|
),
|
||||||
]
|
]
|
||||||
|
|
||||||
|
deprecated_node_passthru = policy.DeprecatedRule(
|
||||||
|
name='baremetal:node:vendor_passthru',
|
||||||
|
check_str='rule:is_admin'
|
||||||
|
)
|
||||||
|
deprecated_driver_passthru = policy.DeprecatedRule(
|
||||||
|
name='baremetal:driver:vendor_passthru',
|
||||||
|
check_str='rule:is_admin'
|
||||||
|
)
|
||||||
|
deprecated_vendor_reason = """
|
||||||
|
The baremetal vendor passthru API is now aware of system scope and default
|
||||||
|
roles.
|
||||||
|
"""
|
||||||
|
|
||||||
vendor_passthru_policies = [
|
vendor_passthru_policies = [
|
||||||
policy.DocumentedRuleDefault(
|
policy.DocumentedRuleDefault(
|
||||||
'baremetal:node:vendor_passthru',
|
name='baremetal:node:vendor_passthru',
|
||||||
'rule:is_admin',
|
check_str=SYSTEM_ADMIN,
|
||||||
'Access vendor-specific Node functions',
|
scope_types=['system'],
|
||||||
[{'path': 'nodes/{node_ident}/vendor_passthru/methods',
|
description='Access vendor-specific Node functions',
|
||||||
'method': 'GET'},
|
operations=[
|
||||||
{'path': 'nodes/{node_ident}/vendor_passthru?method={method_name}',
|
{'path': 'nodes/{node_ident}/vendor_passthru/methods',
|
||||||
'method': 'GET'},
|
'method': 'GET'},
|
||||||
{'path': 'nodes/{node_ident}/vendor_passthru?method={method_name}',
|
{'path': 'nodes/{node_ident}/vendor_passthru?method={method_name}',
|
||||||
'method': 'PUT'},
|
'method': 'GET'},
|
||||||
{'path': 'nodes/{node_ident}/vendor_passthru?method={method_name}',
|
{'path': 'nodes/{node_ident}/vendor_passthru?method={method_name}',
|
||||||
'method': 'POST'},
|
'method': 'PUT'},
|
||||||
{'path': 'nodes/{node_ident}/vendor_passthru?method={method_name}',
|
{'path': 'nodes/{node_ident}/vendor_passthru?method={method_name}',
|
||||||
'method': 'PATCH'},
|
'method': 'POST'},
|
||||||
{'path': 'nodes/{node_ident}/vendor_passthru?method={method_name}',
|
{'path': 'nodes/{node_ident}/vendor_passthru?method={method_name}',
|
||||||
'method': 'DELETE'}]),
|
'method': 'PATCH'},
|
||||||
|
{'path': 'nodes/{node_ident}/vendor_passthru?method={method_name}',
|
||||||
|
'method': 'DELETE'},
|
||||||
|
],
|
||||||
|
deprecated_rule=deprecated_node_passthru,
|
||||||
|
deprecated_reason=deprecated_vendor_reason,
|
||||||
|
deprecated_since=versionutils.deprecated.WALLABY
|
||||||
|
),
|
||||||
policy.DocumentedRuleDefault(
|
policy.DocumentedRuleDefault(
|
||||||
'baremetal:driver:vendor_passthru',
|
name='baremetal:driver:vendor_passthru',
|
||||||
'rule:is_admin',
|
check_str=SYSTEM_ADMIN,
|
||||||
'Access vendor-specific Driver functions',
|
scope_types=['system'],
|
||||||
[{'path': 'drivers/{driver_name}/vendor_passthru/methods',
|
description='Access vendor-specific Driver functions',
|
||||||
'method': 'GET'},
|
operations=[
|
||||||
{'path': 'drivers/{driver_name}/vendor_passthru?method={method_name}',
|
{'path': 'drivers/{driver_name}/vendor_passthru/methods',
|
||||||
'method': 'GET'},
|
'method': 'GET'},
|
||||||
{'path': 'drivers/{driver_name}/vendor_passthru?method={method_name}',
|
{'path': 'drivers/{driver_name}/vendor_passthru?'
|
||||||
'method': 'PUT'},
|
'method={method_name}',
|
||||||
{'path': 'drivers/{driver_name}/vendor_passthru?method={method_name}',
|
'method': 'GET'},
|
||||||
'method': 'POST'},
|
{'path': 'drivers/{driver_name}/vendor_passthru?'
|
||||||
{'path': 'drivers/{driver_name}/vendor_passthru?method={method_name}',
|
'method={method_name}',
|
||||||
'method': 'PATCH'},
|
'method': 'PUT'},
|
||||||
{'path': 'drivers/{driver_name}/vendor_passthru?method={method_name}',
|
{'path': 'drivers/{driver_name}/vendor_passthru?'
|
||||||
'method': 'DELETE'}]),
|
'method={method_name}',
|
||||||
|
'method': 'POST'},
|
||||||
|
{'path': 'drivers/{driver_name}/vendor_passthru?'
|
||||||
|
'method={method_name}',
|
||||||
|
'method': 'PATCH'},
|
||||||
|
{'path': 'drivers/{driver_name}/vendor_passthru?'
|
||||||
|
'method={method_name}',
|
||||||
|
'method': 'DELETE'}
|
||||||
|
],
|
||||||
|
deprecated_rule=deprecated_driver_passthru,
|
||||||
|
deprecated_reason=deprecated_vendor_reason,
|
||||||
|
deprecated_since=versionutils.deprecated.WALLABY
|
||||||
|
),
|
||||||
]
|
]
|
||||||
|
|
||||||
utility_policies = [
|
utility_policies = [
|
||||||
|
|
|
@ -520,90 +520,105 @@ nodes_vendor_passthru_methods_get_admin:
|
||||||
method: get
|
method: get
|
||||||
headers: *admin_headers
|
headers: *admin_headers
|
||||||
assert_status: 503
|
assert_status: 503
|
||||||
|
deprecated: true
|
||||||
|
|
||||||
nodes_vendor_passthru_methods_get_member:
|
nodes_vendor_passthru_methods_get_member:
|
||||||
path: '/v1/nodes/{node_ident}/vendor_passthru/methods'
|
path: '/v1/nodes/{node_ident}/vendor_passthru/methods'
|
||||||
method: get
|
method: get
|
||||||
headers: *member_headers
|
headers: *member_headers
|
||||||
assert_status: 403
|
assert_status: 403
|
||||||
|
deprecated: true
|
||||||
|
|
||||||
nodes_vendor_passthru_methods_get_observer:
|
nodes_vendor_passthru_methods_get_observer:
|
||||||
path: '/v1/nodes/{node_ident}/vendor_passthru/methods'
|
path: '/v1/nodes/{node_ident}/vendor_passthru/methods'
|
||||||
method: get
|
method: get
|
||||||
headers: *observer_headers
|
headers: *observer_headers
|
||||||
assert_status: 403
|
assert_status: 403
|
||||||
|
deprecated: true
|
||||||
|
|
||||||
nodes_vendor_passthru_get_admin:
|
nodes_vendor_passthru_get_admin:
|
||||||
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
||||||
method: get
|
method: get
|
||||||
headers: *admin_headers
|
headers: *admin_headers
|
||||||
assert_status: 503
|
assert_status: 503
|
||||||
|
deprecated: true
|
||||||
|
|
||||||
nodes_vendor_passthru_get_member:
|
nodes_vendor_passthru_get_member:
|
||||||
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
||||||
method: get
|
method: get
|
||||||
headers: *member_headers
|
headers: *member_headers
|
||||||
assert_status: 403
|
assert_status: 403
|
||||||
|
deprecated: true
|
||||||
|
|
||||||
nodes_vendor_passthru_get_observer:
|
nodes_vendor_passthru_get_observer:
|
||||||
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
||||||
method: get
|
method: get
|
||||||
headers: *observer_headers
|
headers: *observer_headers
|
||||||
assert_status: 403
|
assert_status: 403
|
||||||
|
deprecated: true
|
||||||
|
|
||||||
nodes_vendor_passthru_post_admin:
|
nodes_vendor_passthru_post_admin:
|
||||||
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
||||||
method: post
|
method: post
|
||||||
headers: *admin_headers
|
headers: *admin_headers
|
||||||
assert_status: 503
|
assert_status: 503
|
||||||
|
deprecated: true
|
||||||
|
|
||||||
nodes_vendor_passthru_post_member:
|
nodes_vendor_passthru_post_member:
|
||||||
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
||||||
method: post
|
method: post
|
||||||
headers: *member_headers
|
headers: *member_headers
|
||||||
assert_status: 403
|
assert_status: 403
|
||||||
|
deprecated: true
|
||||||
|
|
||||||
nodes_vendor_passthru_post_observer:
|
nodes_vendor_passthru_post_observer:
|
||||||
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
||||||
method: post
|
method: post
|
||||||
headers: *observer_headers
|
headers: *observer_headers
|
||||||
assert_status: 403
|
assert_status: 403
|
||||||
|
deprecated: true
|
||||||
|
|
||||||
nodes_vendor_passthru_put_admin:
|
nodes_vendor_passthru_put_admin:
|
||||||
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
||||||
method: put
|
method: put
|
||||||
headers: *admin_headers
|
headers: *admin_headers
|
||||||
assert_status: 503
|
assert_status: 503
|
||||||
|
deprecated: true
|
||||||
|
|
||||||
nodes_vendor_passthru_put_member:
|
nodes_vendor_passthru_put_member:
|
||||||
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
||||||
method: put
|
method: put
|
||||||
headers: *member_headers
|
headers: *member_headers
|
||||||
assert_status: 403
|
assert_status: 403
|
||||||
|
deprecated: true
|
||||||
|
|
||||||
nodes_vendor_passthru_put_observer:
|
nodes_vendor_passthru_put_observer:
|
||||||
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
||||||
method: put
|
method: put
|
||||||
headers: *observer_headers
|
headers: *observer_headers
|
||||||
assert_status: 403
|
assert_status: 403
|
||||||
|
deprecated: true
|
||||||
|
|
||||||
nodes_vendor_passthru_delete_admin:
|
nodes_vendor_passthru_delete_admin:
|
||||||
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
||||||
method: delete
|
method: delete
|
||||||
headers: *admin_headers
|
headers: *admin_headers
|
||||||
assert_status: 503
|
assert_status: 503
|
||||||
|
deprecated: true
|
||||||
|
|
||||||
nodes_vendor_passthru_delete_member:
|
nodes_vendor_passthru_delete_member:
|
||||||
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
||||||
method: delete
|
method: delete
|
||||||
headers: *member_headers
|
headers: *member_headers
|
||||||
assert_status: 403
|
assert_status: 403
|
||||||
|
deprecated: true
|
||||||
|
|
||||||
nodes_vendor_passthru_delete_observer:
|
nodes_vendor_passthru_delete_observer:
|
||||||
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
||||||
method: delete
|
method: delete
|
||||||
headers: *observer_headers
|
headers: *observer_headers
|
||||||
assert_status: 403
|
assert_status: 403
|
||||||
|
deprecated: true
|
||||||
|
|
||||||
# Node Traits - https://docs.openstack.org/api-ref/baremetal/#node-traits-nodes
|
# Node Traits - https://docs.openstack.org/api-ref/baremetal/#node-traits-nodes
|
||||||
|
|
||||||
|
@ -1631,72 +1646,84 @@ drivers_vendor_passthru_methods_get_admin:
|
||||||
method: get
|
method: get
|
||||||
headers: *admin_headers
|
headers: *admin_headers
|
||||||
assert_status: 404
|
assert_status: 404
|
||||||
|
deprecated: true
|
||||||
|
|
||||||
drivers_vendor_passthru_methods_get_member:
|
drivers_vendor_passthru_methods_get_member:
|
||||||
path: '/v1/drivers/{driver_name}/vendor_passthru/methods'
|
path: '/v1/drivers/{driver_name}/vendor_passthru/methods'
|
||||||
method: get
|
method: get
|
||||||
headers: *member_headers
|
headers: *member_headers
|
||||||
assert_status: 403
|
assert_status: 403
|
||||||
|
deprecated: true
|
||||||
|
|
||||||
drivers_vendor_passthru_methods_get_observer:
|
drivers_vendor_passthru_methods_get_observer:
|
||||||
path: '/v1/drivers/{driver_name}/vendor_passthru/methods'
|
path: '/v1/drivers/{driver_name}/vendor_passthru/methods'
|
||||||
method: get
|
method: get
|
||||||
headers: *observer_headers
|
headers: *observer_headers
|
||||||
assert_status: 403
|
assert_status: 403
|
||||||
|
deprecated: true
|
||||||
|
|
||||||
drivers_vendor_passthru_get_admin:
|
drivers_vendor_passthru_get_admin:
|
||||||
path: '/v1/drivers/{driver_name}/vendor_passthru?method=test'
|
path: '/v1/drivers/{driver_name}/vendor_passthru?method=test'
|
||||||
method: get
|
method: get
|
||||||
headers: *admin_headers
|
headers: *admin_headers
|
||||||
assert_status: 404
|
assert_status: 404
|
||||||
|
deprecated: true
|
||||||
|
|
||||||
drivers_vendor_passthru_get_member:
|
drivers_vendor_passthru_get_member:
|
||||||
path: '/v1/drivers/{driver_name}/vendor_passthru?method=test'
|
path: '/v1/drivers/{driver_name}/vendor_passthru?method=test'
|
||||||
method: get
|
method: get
|
||||||
headers: *member_headers
|
headers: *member_headers
|
||||||
assert_status: 403
|
assert_status: 403
|
||||||
|
deprecated: true
|
||||||
|
|
||||||
drivers_vendor_passthru_get_observer:
|
drivers_vendor_passthru_get_observer:
|
||||||
path: '/v1/drivers/{driver_name}/vendor_passthru?method=test'
|
path: '/v1/drivers/{driver_name}/vendor_passthru?method=test'
|
||||||
method: get
|
method: get
|
||||||
headers: *observer_headers
|
headers: *observer_headers
|
||||||
assert_status: 403
|
assert_status: 403
|
||||||
|
deprecated: true
|
||||||
|
|
||||||
drivers_vendor_passthru_post_admin:
|
drivers_vendor_passthru_post_admin:
|
||||||
path: '/v1/drivers/{driver_name}/vendor_passthru?method=test'
|
path: '/v1/drivers/{driver_name}/vendor_passthru?method=test'
|
||||||
method: post
|
method: post
|
||||||
headers: *admin_headers
|
headers: *admin_headers
|
||||||
assert_status: 404
|
assert_status: 404
|
||||||
|
deprecated: true
|
||||||
|
|
||||||
drivers_vendor_passthru_post_member:
|
drivers_vendor_passthru_post_member:
|
||||||
path: '/v1/drivers/{driver_name}/vendor_passthru?method=test'
|
path: '/v1/drivers/{driver_name}/vendor_passthru?method=test'
|
||||||
method: post
|
method: post
|
||||||
headers: *member_headers
|
headers: *member_headers
|
||||||
assert_status: 403
|
assert_status: 403
|
||||||
|
deprecated: true
|
||||||
|
|
||||||
drivers_vendor_passthru_post_observer:
|
drivers_vendor_passthru_post_observer:
|
||||||
path: '/v1/drivers/{driver_name}/vendor_passthru?method=test'
|
path: '/v1/drivers/{driver_name}/vendor_passthru?method=test'
|
||||||
method: post
|
method: post
|
||||||
headers: *observer_headers
|
headers: *observer_headers
|
||||||
assert_status: 403
|
assert_status: 403
|
||||||
|
deprecated: true
|
||||||
|
|
||||||
drivers_vendor_passthru_put_admin:
|
drivers_vendor_passthru_put_admin:
|
||||||
path: '/v1/drivers/{driver_name}/vendor_passthru?method=test'
|
path: '/v1/drivers/{driver_name}/vendor_passthru?method=test'
|
||||||
method: put
|
method: put
|
||||||
headers: *admin_headers
|
headers: *admin_headers
|
||||||
assert_status: 404
|
assert_status: 404
|
||||||
|
deprecated: true
|
||||||
|
|
||||||
drivers_vendor_passthru_put_member:
|
drivers_vendor_passthru_put_member:
|
||||||
path: '/v1/drivers/{driver_name}/vendor_passthru?method=test'
|
path: '/v1/drivers/{driver_name}/vendor_passthru?method=test'
|
||||||
method: put
|
method: put
|
||||||
headers: *member_headers
|
headers: *member_headers
|
||||||
assert_status: 403
|
assert_status: 403
|
||||||
|
deprecated: true
|
||||||
|
|
||||||
drivers_vendor_passthru_put_observer:
|
drivers_vendor_passthru_put_observer:
|
||||||
path: '/v1/drivers/{driver_name}/vendor_passthru?method=test'
|
path: '/v1/drivers/{driver_name}/vendor_passthru?method=test'
|
||||||
method: put
|
method: put
|
||||||
headers: *observer_headers
|
headers: *observer_headers
|
||||||
assert_status: 403
|
assert_status: 403
|
||||||
|
deprecated: true
|
||||||
|
|
||||||
# NOTE(TheJulia): Returns an error due to the driver name
|
# NOTE(TheJulia): Returns an error due to the driver name
|
||||||
# not matching, but this should be pass policy checking.
|
# not matching, but this should be pass policy checking.
|
||||||
|
@ -1706,18 +1733,21 @@ drivers_vendor_passthru_delete_admin:
|
||||||
method: delete
|
method: delete
|
||||||
headers: *admin_headers
|
headers: *admin_headers
|
||||||
assert_status: 404
|
assert_status: 404
|
||||||
|
skip_reason: not updated for scope testing
|
||||||
|
|
||||||
drivers_vendor_passthru_delete_observer:
|
drivers_vendor_passthru_delete_observer:
|
||||||
path: '/v1/drivers/{driver_name}/vendor_passthru?method=test'
|
path: '/v1/drivers/{driver_name}/vendor_passthru?method=test'
|
||||||
method: delete
|
method: delete
|
||||||
headers: *member_headers
|
headers: *member_headers
|
||||||
assert_status: 403
|
assert_status: 403
|
||||||
|
skip_reason: not updated for scope testing
|
||||||
|
|
||||||
drivers_vendor_passthru_delete_observer:
|
drivers_vendor_passthru_delete_observer:
|
||||||
path: '/v1/drivers/{driver_name}/vendor_passthru?method=test'
|
path: '/v1/drivers/{driver_name}/vendor_passthru?method=test'
|
||||||
method: delete
|
method: delete
|
||||||
headers: *observer_headers
|
headers: *observer_headers
|
||||||
assert_status: 403
|
assert_status: 403
|
||||||
|
skip_reason: not updated for scope testing
|
||||||
|
|
||||||
# Node Bios - https://docs.openstack.org/api-ref/baremetal/#node-bios-nodes
|
# Node Bios - https://docs.openstack.org/api-ref/baremetal/#node-bios-nodes
|
||||||
|
|
||||||
|
|
|
@ -455,105 +455,90 @@ nodes_vendor_passthru_methods_get_admin:
|
||||||
method: get
|
method: get
|
||||||
headers: *admin_headers
|
headers: *admin_headers
|
||||||
assert_status: 503
|
assert_status: 503
|
||||||
skip_reason: policy not implemented yet
|
|
||||||
|
|
||||||
nodes_vendor_passthru_methods_get_member:
|
nodes_vendor_passthru_methods_get_member:
|
||||||
path: '/v1/nodes/{node_ident}/vendor_passthru/methods'
|
path: '/v1/nodes/{node_ident}/vendor_passthru/methods'
|
||||||
method: get
|
method: get
|
||||||
headers: *scoped_member_headers
|
headers: *scoped_member_headers
|
||||||
assert_status: 403
|
assert_status: 403
|
||||||
skip_reason: policy not implemented yet
|
|
||||||
|
|
||||||
nodes_vendor_passthru_methods_get_observer:
|
nodes_vendor_passthru_methods_get_observer:
|
||||||
path: '/v1/nodes/{node_ident}/vendor_passthru/methods'
|
path: '/v1/nodes/{node_ident}/vendor_passthru/methods'
|
||||||
method: get
|
method: get
|
||||||
headers: *observer_headers
|
headers: *observer_headers
|
||||||
assert_status: 403
|
assert_status: 403
|
||||||
skip_reason: policy not implemented yet
|
|
||||||
|
|
||||||
nodes_vendor_passthru_get_admin:
|
nodes_vendor_passthru_get_admin:
|
||||||
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
||||||
method: get
|
method: get
|
||||||
headers: *admin_headers
|
headers: *admin_headers
|
||||||
assert_status: 503
|
assert_status: 503
|
||||||
skip_reason: policy not implemented yet
|
|
||||||
|
|
||||||
nodes_vendor_passthru_get_member:
|
nodes_vendor_passthru_get_member:
|
||||||
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
||||||
method: get
|
method: get
|
||||||
headers: *scoped_member_headers
|
headers: *scoped_member_headers
|
||||||
assert_status: 403
|
assert_status: 403
|
||||||
skip_reason: policy not implemented yet
|
|
||||||
|
|
||||||
nodes_vendor_passthru_get_observer:
|
nodes_vendor_passthru_get_observer:
|
||||||
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
||||||
method: get
|
method: get
|
||||||
headers: *observer_headers
|
headers: *observer_headers
|
||||||
assert_status: 403
|
assert_status: 403
|
||||||
skip_reason: policy not implemented yet
|
|
||||||
|
|
||||||
nodes_vendor_passthru_post_admin:
|
nodes_vendor_passthru_post_admin:
|
||||||
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
||||||
method: post
|
method: post
|
||||||
headers: *admin_headers
|
headers: *admin_headers
|
||||||
assert_status: 503
|
assert_status: 503
|
||||||
skip_reason: policy not implemented yet
|
|
||||||
|
|
||||||
nodes_vendor_passthru_post_member:
|
nodes_vendor_passthru_post_member:
|
||||||
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
||||||
method: post
|
method: post
|
||||||
headers: *scoped_member_headers
|
headers: *scoped_member_headers
|
||||||
assert_status: 403
|
assert_status: 403
|
||||||
skip_reason: policy not implemented yet
|
|
||||||
|
|
||||||
nodes_vendor_passthru_post_observer:
|
nodes_vendor_passthru_post_observer:
|
||||||
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
||||||
method: post
|
method: post
|
||||||
headers: *observer_headers
|
headers: *observer_headers
|
||||||
assert_status: 403
|
assert_status: 403
|
||||||
skip_reason: policy not implemented yet
|
|
||||||
|
|
||||||
nodes_vendor_passthru_put_admin:
|
nodes_vendor_passthru_put_admin:
|
||||||
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
||||||
method: put
|
method: put
|
||||||
headers: *admin_headers
|
headers: *admin_headers
|
||||||
assert_status: 503
|
assert_status: 503
|
||||||
skip_reason: policy not implemented yet
|
|
||||||
|
|
||||||
nodes_vendor_passthru_put_member:
|
nodes_vendor_passthru_put_member:
|
||||||
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
||||||
method: put
|
method: put
|
||||||
headers: *scoped_member_headers
|
headers: *scoped_member_headers
|
||||||
assert_status: 403
|
assert_status: 403
|
||||||
skip_reason: policy not implemented yet
|
|
||||||
|
|
||||||
nodes_vendor_passthru_put_observer:
|
nodes_vendor_passthru_put_observer:
|
||||||
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
||||||
method: put
|
method: put
|
||||||
headers: *observer_headers
|
headers: *observer_headers
|
||||||
assert_status: 403
|
assert_status: 403
|
||||||
skip_reason: policy not implemented yet
|
|
||||||
|
|
||||||
nodes_vendor_passthru_delete_admin:
|
nodes_vendor_passthru_delete_admin:
|
||||||
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
||||||
method: delete
|
method: delete
|
||||||
headers: *admin_headers
|
headers: *admin_headers
|
||||||
assert_status: 503
|
assert_status: 503
|
||||||
skip_reason: policy not implemented yet
|
|
||||||
|
|
||||||
nodes_vendor_passthru_delete_member:
|
nodes_vendor_passthru_delete_member:
|
||||||
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
||||||
method: delete
|
method: delete
|
||||||
headers: *scoped_member_headers
|
headers: *scoped_member_headers
|
||||||
assert_status: 403
|
assert_status: 403
|
||||||
skip_reason: policy not implemented yet
|
|
||||||
|
|
||||||
nodes_vendor_passthru_delete_observer:
|
nodes_vendor_passthru_delete_observer:
|
||||||
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
path: '/v1/nodes/{node_ident}/vendor_passthru?method=test'
|
||||||
method: delete
|
method: delete
|
||||||
headers: *observer_headers
|
headers: *observer_headers
|
||||||
assert_status: 403
|
assert_status: 403
|
||||||
skip_reason: policy not implemented yet
|
|
||||||
|
|
||||||
# Node Traits - https://docs.openstack.org/api-ref/baremetal/#node-traits-nodes
|
# Node Traits - https://docs.openstack.org/api-ref/baremetal/#node-traits-nodes
|
||||||
|
|
||||||
|
@ -1523,84 +1508,72 @@ drivers_vendor_passthru_methods_get_admin:
|
||||||
method: get
|
method: get
|
||||||
headers: *admin_headers
|
headers: *admin_headers
|
||||||
assert_status: 404
|
assert_status: 404
|
||||||
skip_reason: not updated for scope testing
|
|
||||||
|
|
||||||
drivers_vendor_passthru_methods_get_member:
|
drivers_vendor_passthru_methods_get_member:
|
||||||
path: '/v1/drivers/{driver_name}/vendor_passthru/methods'
|
path: '/v1/drivers/{driver_name}/vendor_passthru/methods'
|
||||||
method: get
|
method: get
|
||||||
headers: *scoped_member_headers
|
headers: *scoped_member_headers
|
||||||
assert_status: 403
|
assert_status: 403
|
||||||
skip_reason: not updated for scope testing
|
|
||||||
|
|
||||||
drivers_vendor_passthru_methods_get_observer:
|
drivers_vendor_passthru_methods_get_observer:
|
||||||
path: '/v1/drivers/{driver_name}/vendor_passthru/methods'
|
path: '/v1/drivers/{driver_name}/vendor_passthru/methods'
|
||||||
method: get
|
method: get
|
||||||
headers: *observer_headers
|
headers: *observer_headers
|
||||||
assert_status: 403
|
assert_status: 403
|
||||||
skip_reason: not updated for scope testing
|
|
||||||
|
|
||||||
drivers_vendor_passthru_get_admin:
|
drivers_vendor_passthru_get_admin:
|
||||||
path: '/v1/drivers/{driver_name}/vendor_passthru?method=test'
|
path: '/v1/drivers/{driver_name}/vendor_passthru?method=test'
|
||||||
method: get
|
method: get
|
||||||
headers: *admin_headers
|
headers: *admin_headers
|
||||||
assert_status: 404
|
assert_status: 404
|
||||||
skip_reason: not updated for scope testing
|
|
||||||
|
|
||||||
drivers_vendor_passthru_get_member:
|
drivers_vendor_passthru_get_member:
|
||||||
path: '/v1/drivers/{driver_name}/vendor_passthru?method=test'
|
path: '/v1/drivers/{driver_name}/vendor_passthru?method=test'
|
||||||
method: get
|
method: get
|
||||||
headers: *scoped_member_headers
|
headers: *scoped_member_headers
|
||||||
assert_status: 403
|
assert_status: 403
|
||||||
skip_reason: not updated for scope testing
|
|
||||||
|
|
||||||
drivers_vendor_passthru_get_observer:
|
drivers_vendor_passthru_get_observer:
|
||||||
path: '/v1/drivers/{driver_name}/vendor_passthru?method=test'
|
path: '/v1/drivers/{driver_name}/vendor_passthru?method=test'
|
||||||
method: get
|
method: get
|
||||||
headers: *observer_headers
|
headers: *observer_headers
|
||||||
assert_status: 403
|
assert_status: 403
|
||||||
skip_reason: not updated for scope testing
|
|
||||||
|
|
||||||
drivers_vendor_passthru_post_admin:
|
drivers_vendor_passthru_post_admin:
|
||||||
path: '/v1/drivers/{driver_name}/vendor_passthru?method=test'
|
path: '/v1/drivers/{driver_name}/vendor_passthru?method=test'
|
||||||
method: post
|
method: post
|
||||||
headers: *admin_headers
|
headers: *admin_headers
|
||||||
assert_status: 404
|
assert_status: 404
|
||||||
skip_reason: not updated for scope testing
|
|
||||||
|
|
||||||
drivers_vendor_passthru_post_member:
|
drivers_vendor_passthru_post_member:
|
||||||
path: '/v1/drivers/{driver_name}/vendor_passthru?method=test'
|
path: '/v1/drivers/{driver_name}/vendor_passthru?method=test'
|
||||||
method: post
|
method: post
|
||||||
headers: *scoped_member_headers
|
headers: *scoped_member_headers
|
||||||
assert_status: 403
|
assert_status: 403
|
||||||
skip_reason: not updated for scope testing
|
|
||||||
|
|
||||||
drivers_vendor_passthru_post_observer:
|
drivers_vendor_passthru_post_observer:
|
||||||
path: '/v1/drivers/{driver_name}/vendor_passthru?method=test'
|
path: '/v1/drivers/{driver_name}/vendor_passthru?method=test'
|
||||||
method: post
|
method: post
|
||||||
headers: *observer_headers
|
headers: *observer_headers
|
||||||
assert_status: 403
|
assert_status: 403
|
||||||
skip_reason: not updated for scope testing
|
|
||||||
|
|
||||||
drivers_vendor_passthru_put_admin:
|
drivers_vendor_passthru_put_admin:
|
||||||
path: '/v1/drivers/{driver_name}/vendor_passthru?method=test'
|
path: '/v1/drivers/{driver_name}/vendor_passthru?method=test'
|
||||||
method: put
|
method: put
|
||||||
headers: *admin_headers
|
headers: *admin_headers
|
||||||
assert_status: 404
|
assert_status: 404
|
||||||
skip_reason: not updated for scope testing
|
|
||||||
|
|
||||||
drivers_vendor_passthru_put_member:
|
drivers_vendor_passthru_put_member:
|
||||||
path: '/v1/drivers/{driver_name}/vendor_passthru?method=test'
|
path: '/v1/drivers/{driver_name}/vendor_passthru?method=test'
|
||||||
method: put
|
method: put
|
||||||
headers: *scoped_member_headers
|
headers: *scoped_member_headers
|
||||||
assert_status: 403
|
assert_status: 403
|
||||||
skip_reason: not updated for scope testing
|
|
||||||
|
|
||||||
drivers_vendor_passthru_put_observer:
|
drivers_vendor_passthru_put_observer:
|
||||||
path: '/v1/drivers/{driver_name}/vendor_passthru?method=test'
|
path: '/v1/drivers/{driver_name}/vendor_passthru?method=test'
|
||||||
method: put
|
method: put
|
||||||
headers: *observer_headers
|
headers: *observer_headers
|
||||||
assert_status: 403
|
assert_status: 403
|
||||||
skip_reason: not updated for scope testing
|
|
||||||
|
|
||||||
# NOTE(TheJulia): Returns an error due to the driver name
|
# NOTE(TheJulia): Returns an error due to the driver name
|
||||||
# not matching, but this should be pass policy checking.
|
# not matching, but this should be pass policy checking.
|
||||||
|
@ -1610,21 +1583,18 @@ drivers_vendor_passthru_delete_admin:
|
||||||
method: delete
|
method: delete
|
||||||
headers: *admin_headers
|
headers: *admin_headers
|
||||||
assert_status: 404
|
assert_status: 404
|
||||||
skip_reason: not updated for scope testing
|
|
||||||
|
|
||||||
drivers_vendor_passthru_delete_observer:
|
drivers_vendor_passthru_delete_observer:
|
||||||
path: '/v1/drivers/{driver_name}/vendor_passthru?method=test'
|
path: '/v1/drivers/{driver_name}/vendor_passthru?method=test'
|
||||||
method: delete
|
method: delete
|
||||||
headers: *scoped_member_headers
|
headers: *scoped_member_headers
|
||||||
assert_status: 403
|
assert_status: 403
|
||||||
skip_reason: not updated for scope testing
|
|
||||||
|
|
||||||
drivers_vendor_passthru_delete_observer:
|
drivers_vendor_passthru_delete_observer:
|
||||||
path: '/v1/drivers/{driver_name}/vendor_passthru?method=test'
|
path: '/v1/drivers/{driver_name}/vendor_passthru?method=test'
|
||||||
method: delete
|
method: delete
|
||||||
headers: *observer_headers
|
headers: *observer_headers
|
||||||
assert_status: 403
|
assert_status: 403
|
||||||
skip_reason: not updated for scope testing
|
|
||||||
|
|
||||||
# Node Bios - https://docs.openstack.org/api-ref/baremetal/#node-bios-nodes
|
# Node Bios - https://docs.openstack.org/api-ref/baremetal/#node-bios-nodes
|
||||||
|
|
||||||
|
|
|
@ -3,7 +3,7 @@ features:
|
||||||
- |
|
- |
|
||||||
The Baremetal API, provided by the ironic-api process, now supports use of
|
The Baremetal API, provided by the ironic-api process, now supports use of
|
||||||
``system`` scoped ``keystone`` authentication for the following endpoints:
|
``system`` scoped ``keystone`` authentication for the following endpoints:
|
||||||
nodes, ports, portgroups, chassis, drivers
|
nodes, ports, portgroups, chassis, drivers, vendor passthru.
|
||||||
upgrade:
|
upgrade:
|
||||||
- |
|
- |
|
||||||
Deprecated policy rules are not expressed via a default policy file
|
Deprecated policy rules are not expressed via a default policy file
|
||||||
|
|
Loading…
Reference in New Issue