162a4dd1c5
This API policy rule can be used to specify who besides admin and service role can have access to the resources from all projects. It is added to the neutron_lib.context.Context with patch [1]. This patch also adds unit tests to check basic GET network(s) calls to the core plugin to make sure that it can return from the database resources which belongs to different projects if `context.has_global_access` is set to `True`. Those unit tests are not testing API policies are policy module is "skipped" in those unit tests completely. Additionally this patch adds documentation which describes how to use this rule in the custom policy file. [1] https://review.opendev.org/c/openstack/neutron-lib/+/954054 Depends-On: https://review.opendev.org/c/openstack/neutron-lib/+/954054 Related-bug: #2115184 Change-Id: Id68170ef7ed12ddca51610d53e6ef936d84577be Signed-off-by: Slawek Kaplonski <skaplons@redhat.com>