d7592cbe25
Adds below things for the implementation of framework for registering and using default policy rules. * Policy-in-code The framework for registering and using default policy rules. Rules should be defined and returned from a module in masakari/policies/, and then added to the list in masakari/policies/__init__.py. A new context.can() method has been added for policy enforcement of registered rules. It has the same parameters as the enforce() method currently being used. * Add policy sample generation The entry point and config file necessary for using the oslo.policy sample generation script. It also adds a tox target to simplify the usage of it. * Add policy documentation and sample file Documentation and sample file for default policy in code feature. * Hacking check for policy registration It ensures that policy registration happens in the centralized masakari/policies/ directory. * Hacking check for _ENFORCER.enforce() Hacking check in order to ensure that only registered policies are used for authorization checks _ENFORCER.authorize should be used rather than _ENFORCER.enforce. * Add entry_point for oslo policy scripts There are two helper scripts in oslo.policy to help deployers understand their policy configuration better. With the setup.cfg entry these can be called directly from oslo.policy. Changes done here are with the reference of [1] at NOVA side which is contributed by Andrew Laski and Claudiu Belu [1] https://review.openstack.org/#/q/topic:bp/policy-in-code+project:openstack/nova+status:merged Change-Id: If885a66d92c31be440d27d6780635800a0b12e3e