Merge "Ensure the sample policy file won't diverge"
This commit is contained in:
commit
b2b6856ada
|
@ -93,5 +93,24 @@
|
|||
"identity:list_roles_for_trust": "",
|
||||
"identity:check_role_for_trust": "",
|
||||
"identity:get_role_for_trust": "",
|
||||
"identity:delete_trust": ""
|
||||
"identity:delete_trust": "",
|
||||
|
||||
"identity:create_consumer": "rule:admin_required",
|
||||
"identity:get_consumer": "rule:admin_required",
|
||||
"identity:list_consumers": "rule:admin_required",
|
||||
"identity:delete_consumer": "rule:admin_required",
|
||||
"identity:update_consumer": "rule:admin_required",
|
||||
|
||||
"identity:authorize_request_token": "rule:admin_required",
|
||||
"identity:list_access_token_roles": "rule:admin_required",
|
||||
"identity:get_access_token_role": "rule:admin_required",
|
||||
"identity:list_access_tokens": "rule:admin_required",
|
||||
"identity:get_access_token": "rule:admin_required",
|
||||
"identity:delete_access_token": "rule:admin_required",
|
||||
|
||||
"identity:list_projects_for_endpoint": "rule:admin_required",
|
||||
"identity:add_endpoint_to_project": "rule:admin_required",
|
||||
"identity:check_endpoint_in_project": "rule:admin_required",
|
||||
"identity:list_endpoints_for_project": "rule:admin_required",
|
||||
"identity:remove_endpoint_from_project": "rule:admin_required"
|
||||
}
|
||||
|
|
|
@ -15,10 +15,13 @@
|
|||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
import json
|
||||
import StringIO
|
||||
import tempfile
|
||||
import urllib2
|
||||
|
||||
from testtools import matchers
|
||||
|
||||
from keystone import config
|
||||
from keystone import exception
|
||||
from keystone.openstack.common.fixture import moxstubout
|
||||
|
@ -208,3 +211,18 @@ class DefaultPolicyTestCase(tests.TestCase):
|
|||
self._set_rules(new_default_rule)
|
||||
self.assertRaises(exception.ForbiddenAction, rules.enforce,
|
||||
self.credentials, "example:noexist", {})
|
||||
|
||||
|
||||
class PolicyJsonTestCase(tests.TestCase):
|
||||
|
||||
def _load_entries(self, filename):
|
||||
return set(json.load(file(filename)))
|
||||
|
||||
def test_json_examples_have_matching_entries(self):
|
||||
policy_keys = self._load_entries(tests.etcdir('policy.json'))
|
||||
cloud_policy_keys = self._load_entries(
|
||||
tests.etcdir('policy.v3cloudsample.json'))
|
||||
|
||||
diffs = set(policy_keys).difference(set(cloud_policy_keys))
|
||||
|
||||
self.assertThat(diffs, matchers.Equals(set()))
|
||||
|
|
Loading…
Reference in New Issue