Consistent policies

All of the documentation for these is going into user-facing docs, so clean them up accordingly. Change-Id: I5f9c284525bac773a897b7acc3773ac5851b9632 Implements: blueprint policy-docs
2017-07-03 11:25:33 +01:00
parent 56c4d684bf
commit 6f8fe3cb14
36 changed files with 73 additions and 72 deletions
--- a/nova/policies/aggregates.py
+++ b/nova/policies/aggregates.py
@@ -35,7 +35,7 @@ aggregates_policies = [
    policy.DocumentedRuleDefault(
        POLICY_ROOT % 'add_host',
        base.RULE_ADMIN_API,
-        "Add a host to an aggregate.",
+        "Add a host to an aggregate",
        [
            {
                'path': '/os-aggregates/{aggregate_id}/action (add_host)',
@@ -95,7 +95,7 @@ aggregates_policies = [
    policy.DocumentedRuleDefault(
        POLICY_ROOT % 'show',
        base.RULE_ADMIN_API,
-        "Show details for an aggregate.",
+        "Show details for an aggregate",
        [
            {
                'path': '/os-aggregates/{aggregate_id}',
--- a/nova/policies/attach_interfaces.py
+++ b/nova/policies/attach_interfaces.py
@@ -26,8 +26,8 @@ attach_interfaces_policies = [
    policy.DocumentedRuleDefault(
        BASE_POLICY_NAME,
        base.RULE_ADMIN_OR_OWNER,
-        "List port interfaces or show details of a port \
+        "List port interfaces or show details of a port interface attached "
-interface attached to a server",
+        "to a server",
        [
            {
                'method': 'GET',
@@ -41,7 +41,7 @@ interface attached to a server",
    policy.DocumentedRuleDefault(
        POLICY_ROOT % 'create',
        base.RULE_ADMIN_OR_OWNER,
-        'Attach an interface to a server',
+        "Attach an interface to a server",
        [
            {
                'method': 'POST',
@@ -51,7 +51,7 @@ interface attached to a server",
    policy.DocumentedRuleDefault(
        POLICY_ROOT % 'delete',
        base.RULE_ADMIN_OR_OWNER,
-        'Detach an interface from a server',
+        "Detach an interface from a server",
        [
            {
                'method': 'DELETE',
--- a/nova/policies/availability_zone.py
+++ b/nova/policies/availability_zone.py
@@ -25,7 +25,7 @@ availability_zone_policies = [
    policy.DocumentedRuleDefault(
        POLICY_ROOT % 'list',
        base.RULE_ADMIN_OR_OWNER,
-        "Lists availability zone information without host information",
+        "List availability zone information without host information",
        [
            {
                'method': 'GET',
@@ -35,7 +35,7 @@ availability_zone_policies = [
    policy.DocumentedRuleDefault(
        POLICY_ROOT % 'detail',
        base.RULE_ADMIN_API,
-        "Lists detailed availability zone information with host information",
+        "List detailed availability zone information with host information",
        [
            {
                'method': 'GET',
--- a/nova/policies/cells.py
+++ b/nova/policies/cells.py
@@ -46,7 +46,7 @@ cells_policies = [
    policy.DocumentedRuleDefault(
        BASE_POLICY_NAME,
        base.RULE_ADMIN_API,
-        'List and get detailed info of a given cell or all cells',
+        'List and show detailed info for a given cell or all cells',
        [
            {
                'method': 'GET',
--- a/nova/policies/config_drive.py
+++ b/nova/policies/config_drive.py
@@ -25,7 +25,7 @@ config_drive_policies = [
    policy.DocumentedRuleDefault(
        BASE_POLICY_NAME,
        base.RULE_ADMIN_OR_OWNER,
-        """Add 'config_drive' attribute in the server response.""",
+        "Add 'config_drive' attribute in the server response",
        [
            {
                'method': 'GET',
--- a/nova/policies/console_auth_tokens.py
+++ b/nova/policies/console_auth_tokens.py
@@ -25,8 +25,8 @@ console_auth_tokens_policies = [
    policy.DocumentedRuleDefault(
        BASE_POLICY_NAME,
        base.RULE_ADMIN_API,
-        'Show console connection information for a given console \
+        "Show console connection information for a given console "
-authentication token',
+        "authentication token",
        [
            {
                'method': 'GET',
--- a/nova/policies/deferred_delete.py
+++ b/nova/policies/deferred_delete.py
@@ -25,8 +25,8 @@ deferred_delete_policies = [
    policy.DocumentedRuleDefault(
        BASE_POLICY_NAME,
        base.RULE_ADMIN_OR_OWNER,
-        'Restore a soft deleted server or force delete a server before \
+        "Restore a soft deleted server or force delete a server before "
-deferred cleanup',
+        "deferred cleanup",
        [
            {
                'method': 'POST',
--- a/nova/policies/extended_availability_zone.py
+++ b/nova/policies/extended_availability_zone.py
@@ -25,7 +25,7 @@ extended_availability_zone_policies = [
    policy.DocumentedRuleDefault(
        BASE_POLICY_NAME,
        base.RULE_ADMIN_OR_OWNER,
-        "Add `OS-EXT-AZ:availability_zone` into the server response.",
+        "Add `OS-EXT-AZ:availability_zone` into the server response",
        [
            {
                'method': 'GET',
--- a/nova/policies/extended_server_attributes.py
+++ b/nova/policies/extended_server_attributes.py
@@ -28,15 +28,16 @@ extended_server_attributes_policies = [
        """Return extended attributes for server.
 This rule will control the visibility for a set of servers attributes:
-    OS-EXT-SRV-ATTR:host
+
-    OS-EXT-SRV-ATTR:instance_name
+- OS-EXT-SRV-ATTR:host
-    OS-EXT-SRV-ATTR:reservation_id (since microversion 2.3)
+- OS-EXT-SRV-ATTR:instance_name
-    OS-EXT-SRV-ATTR:launch_index (since microversion 2.3)
+- OS-EXT-SRV-ATTR:reservation_id (since microversion 2.3)
-    OS-EXT-SRV-ATTR:hostname (since microversion 2.3)
+- OS-EXT-SRV-ATTR:launch_index (since microversion 2.3)
-    OS-EXT-SRV-ATTR:kernel_id (since microversion 2.3)
+- OS-EXT-SRV-ATTR:hostname (since microversion 2.3)
-    OS-EXT-SRV-ATTR:ramdisk_id (since microversion 2.3)
+- OS-EXT-SRV-ATTR:kernel_id (since microversion 2.3)
-    OS-EXT-SRV-ATTR:root_device_name (since microversion 2.3)
+- OS-EXT-SRV-ATTR:ramdisk_id (since microversion 2.3)
-    OS-EXT-SRV-ATTR:user_data (since microversion 2.3)""",
+- OS-EXT-SRV-ATTR:root_device_name (since microversion 2.3)
 - OS-EXT-SRV-ATTR:user_data (since microversion 2.3)""",
        [
            {
                'method': 'GET',
--- a/nova/policies/extended_status.py
+++ b/nova/policies/extended_status.py
@@ -28,9 +28,10 @@ extended_status_policies = [
        """Return extended status in the response of server.
 This policy will control the visibility for a set of attributes:
-    OS-EXT-STS:task_state
+
-    OS-EXT-STS:vm_state
+- OS-EXT-STS:task_state
-    OS-EXT-STS:power_state
+- OS-EXT-STS:vm_state
 - OS-EXT-STS:power_state
 """,
        [
            {
--- a/nova/policies/extended_volumes.py
+++ b/nova/policies/extended_volumes.py
@@ -26,7 +26,7 @@ extended_volumes_policies = [
        BASE_POLICY_NAME,
        base.RULE_ADMIN_OR_OWNER,
        "Return 'os-extended-volumes:volumes_attached' in the response of "
-        "server.",
+        "server",
        [
            {
                'method': 'GET',
--- a/nova/policies/extensions.py
+++ b/nova/policies/extensions.py
@@ -25,8 +25,8 @@ extensions_policies = [
    policy.DocumentedRuleDefault(
        BASE_POLICY_NAME,
        base.RULE_ADMIN_OR_OWNER,
-        "Lists available extensions and shows information for an extension "
+        "List available extensions and show information for an extension "
-        "by alias.",
+        "by alias",
        [
            {
                'method': 'GET',
--- a/nova/policies/fixed_ips.py
+++ b/nova/policies/fixed_ips.py
@@ -25,7 +25,7 @@ fixed_ips_policies = [
    policy.DocumentedRuleDefault(
        BASE_POLICY_NAME,
        base.RULE_ADMIN_API,
-        """Shows details for, reserve and unreserve a fixed IP address.
+        """Show details for, reserve and unreserve a fixed IP address.
 These APIs are only available with nova-network which is deprecated.""",
        [
--- a/nova/policies/flavor_access.py
+++ b/nova/policies/flavor_access.py
@@ -47,7 +47,7 @@ flavor_access_policies = [
    policy.DocumentedRuleDefault(
        BASE_POLICY_NAME,
        base.RULE_ADMIN_OR_OWNER,
-        """Allow the listing of flavor access information
+        """List flavor access information
 Adds the os-flavor-access:is_public key into several flavor APIs.
--- a/nova/policies/flavor_rxtx.py
+++ b/nova/policies/flavor_rxtx.py
@@ -26,7 +26,7 @@ flavor_rxtx_policies = [
    policy.DocumentedRuleDefault(
        BASE_POLICY_NAME,
        base.RULE_ADMIN_OR_OWNER,
-        "Adds the rxtx_factor key into some Flavor APIs",
+        "Add the rxtx_factor key into some Flavor APIs",
        [
            {
                'method': 'GET',
--- a/nova/policies/hosts.py
+++ b/nova/policies/hosts.py
@@ -25,7 +25,7 @@ hosts_policies = [
    policy.DocumentedRuleDefault(
        BASE_POLICY_NAME,
        base.RULE_ADMIN_API,
-        """List, Show and Manage physical hosts.
+        """List, show and manage physical hosts.
 These APIs are all deprecated in favor of os-hypervisors and os-services.""",
        [
--- a/nova/policies/hypervisors.py
+++ b/nova/policies/hypervisors.py
@@ -29,12 +29,11 @@ hypervisors_policies = [
 This rule will be checked for the following APIs:
-List all hypervisors, list all hypervisors with details, show
+List all hypervisors, list all hypervisors with details, show summary
-summary statistics for all hypervisors over all compute nodes,
+statistics for all hypervisors over all compute nodes, show details for a
-show details for a hypervisor, show the uptime of a hypervisor,
+hypervisor, show the uptime of a hypervisor, search hypervisor by
-search hypervisor by hypervisor_hostname pattern and list all
+hypervisor_hostname pattern and list all servers on hypervisors that can match
-servers on hypervisors that can match the provided hypervisor_hostname
+the provided hypervisor_hostname pattern.""",
 pattern.""",
        [
            {
                'path': '/os-hypervisors',
--- a/nova/policies/instance_usage_audit_log.py
+++ b/nova/policies/instance_usage_audit_log.py
@@ -25,8 +25,9 @@ instance_usage_audit_log_policies = [
    policy.DocumentedRuleDefault(
        BASE_POLICY_NAME,
        base.RULE_ADMIN_API,
-        """Lists all usage audits and that occurred before a specified time
+        "List all usage audits and that occurred before a specified time "
-for all servers on all compute hosts where usage auditing is configured.""",
+        "for all servers on all compute hosts where usage auditing is "
        "configured",
        [
            {
                'method': 'GET',
--- a/nova/policies/ips.py
+++ b/nova/policies/ips.py
@@ -25,7 +25,7 @@ ips_policies = [
    policy.DocumentedRuleDefault(
        POLICY_ROOT % 'show',
        base.RULE_ADMIN_OR_OWNER,
-        """Shows IP addresses details for a network label of a server.""",
+        "Show IP addresses details for a network label of a server",
        [
            {
                'method': 'GET',
@@ -35,7 +35,7 @@ ips_policies = [
    policy.DocumentedRuleDefault(
        POLICY_ROOT % 'index',
        base.RULE_ADMIN_OR_OWNER,
-        """Lists IP addresses that are assigned to a server.""",
+        "List IP addresses that are assigned to a server",
        [
            {
                'method': 'GET',
--- a/nova/policies/limits.py
+++ b/nova/policies/limits.py
@@ -25,7 +25,7 @@ limits_policies = [
    policy.DocumentedRuleDefault(
        BASE_POLICY_NAME,
        base.RULE_ADMIN_OR_OWNER,
-        """Shows rate and absolute limits for the project.""",
+        "Show rate and absolute limits for the project",
        [
            {
                'method': 'GET',
--- a/nova/policies/lock_server.py
+++ b/nova/policies/lock_server.py
@@ -49,8 +49,8 @@ lock_server_policies = [
        base.RULE_ADMIN_API,
        """Unlock a server, regardless who locked the server.
-        This check is performed only after the check
+This check is performed only after the check
-        os_compute_api:os-lock-server:unlock passes""",
+os_compute_api:os-lock-server:unlock passes""",
        [
            {
                'path': '/servers/{server_id}/action (unlock)',
--- a/nova/policies/multinic.py
+++ b/nova/policies/multinic.py
@@ -25,7 +25,7 @@ multinic_policies = [
    policy.DocumentedRuleDefault(
        BASE_POLICY_NAME,
        base.RULE_ADMIN_OR_OWNER,
-        """Adds or Removes a fixed IP address from a server.
+        """Add or remove a fixed IP address from a server.
 These APIs are proxy calls to the Network service. These are all
 deprecated.""",
--- a/nova/policies/networks_associate.py
+++ b/nova/policies/networks_associate.py
@@ -25,7 +25,7 @@ networks_associate_policies = [
    policy.DocumentedRuleDefault(
        BASE_POLICY_NAME,
        base.RULE_ADMIN_API,
-        """Associates and Disassociates a network from a host or project.
+        """Associate or disassociate a network from a host or project.
 These APIs are only available with nova-network which is deprecated.""",
        [
--- a/nova/policies/pause_server.py
+++ b/nova/policies/pause_server.py
@@ -25,7 +25,7 @@ pause_server_policies = [
    policy.DocumentedRuleDefault(
        POLICY_ROOT % 'pause',
        base.RULE_ADMIN_OR_OWNER,
-        "Pause a server.",
+        "Pause a server",
        [
            {
                'path': '/servers/{server_id}/action (pause)',
@@ -36,7 +36,7 @@ pause_server_policies = [
    policy.DocumentedRuleDefault(
        POLICY_ROOT % 'unpause',
        base.RULE_ADMIN_OR_OWNER,
-        "Unpause a paused server.",
+        "Unpause a paused server",
        [
            {
                'path': '/servers/{server_id}/action (unpause)',
--- a/nova/policies/remote_consoles.py
+++ b/nova/policies/remote_consoles.py
@@ -25,7 +25,7 @@ remote_consoles_policies = [
    policy.DocumentedRuleDefault(
        BASE_POLICY_NAME,
        base.RULE_ADMIN_OR_OWNER,
-        "Generates a URL to access remove server console",
+        "Generate a URL to access remove server console",
        [
            {
                'method': 'POST',
--- a/nova/policies/security_group_default_rules.py
+++ b/nova/policies/security_group_default_rules.py
@@ -25,10 +25,10 @@ security_group_default_rules_policies = [
    policy.DocumentedRuleDefault(
        BASE_POLICY_NAME,
        base.RULE_ADMIN_API,
-        """Lists, shows information for, creates and deletes default security
+        """List, show information for, create, or delete default security
 group rules.
-These API's are only available with nova-network which is now deprecated.""",
+These APIs are only available with nova-network which is now deprecated.""",
        [
            {
                'method': 'GET',
--- a/nova/policies/security_groups.py
+++ b/nova/policies/security_groups.py
@@ -25,12 +25,12 @@ security_groups_policies = [
    policy.DocumentedRuleDefault(
        BASE_POLICY_NAME,
        base.RULE_ADMIN_OR_OWNER,
-        """This policy checks permission on security groups related APIs.
+        """List, show, add, or remove security groups.
 APIs which are directly related to security groups resource are deprecated:
 Lists, shows information for, creates, updates and deletes
 security groups. Creates and deletes security group rules. All these
-API's are deprecated.
+APIs are deprecated.
 APIs which are related to server resource are not deprecated:
 Lists Security Groups for a server. Add Security Group to a server
--- a/nova/policies/server_diagnostics.py
+++ b/nova/policies/server_diagnostics.py
@@ -25,7 +25,7 @@ server_diagnostics_policies = [
    policy.DocumentedRuleDefault(
        BASE_POLICY_NAME,
        base.RULE_ADMIN_API,
-        "Shows the usage data for a server",
+        "Show the usage data for a server",
        [
            {
                'method': 'GET',
--- a/nova/policies/server_external_events.py
+++ b/nova/policies/server_external_events.py
@@ -25,7 +25,7 @@ server_external_events_policies = [
    policy.DocumentedRuleDefault(
        POLICY_ROOT % 'create',
        base.RULE_ADMIN_API,
-        "Creates one or more external events",
+        "Create one or more external events",
        [
            {
                'method': 'POST',
--- a/nova/policies/services.py
+++ b/nova/policies/services.py
@@ -25,10 +25,10 @@ services_policies = [
    policy.DocumentedRuleDefault(
        BASE_POLICY_NAME,
        base.RULE_ADMIN_API,
-        """Lists all running Compute services in a region, enables \
+        "List all running Compute services in a region, enables or disable "
-or disables scheduling for a Compute service, logs disabled Compute service \
+        "scheduling for a Compute service, logs disabled Compute service "
-information, set or unset forced_down flag for the compute service and \
+        "information, set or unset forced_down flag for the compute service "
-deletes a Compute service.""",
+        "and delete a Compute service",
        [
            {
                'method': 'GET',
--- a/nova/policies/shelve.py
+++ b/nova/policies/shelve.py
@@ -25,7 +25,7 @@ shelve_policies = [
    policy.DocumentedRuleDefault(
        POLICY_ROOT % 'shelve',
        base.RULE_ADMIN_OR_OWNER,
-        "Shelve Server",
+        "Shelve server",
        [
            {
                'method': 'POST',
@@ -35,7 +35,7 @@ shelve_policies = [
    policy.DocumentedRuleDefault(
        POLICY_ROOT % 'unshelve',
        base.RULE_ADMIN_OR_OWNER,
-        "Unshelve (Restore) Shelved Server",
+        "Unshelve (restore) shelved server",
        [
            {
                'method': 'POST',
@@ -45,7 +45,7 @@ shelve_policies = [
    policy.DocumentedRuleDefault(
        POLICY_ROOT % 'shelve_offload',
        base.RULE_ADMIN_API,
-        "Shelf-Offload (Remove) Server",
+        "Shelf-offload (remove) server",
        [
            {
                'method': 'POST',
--- a/nova/policies/simple_tenant_usage.py
+++ b/nova/policies/simple_tenant_usage.py
@@ -25,7 +25,7 @@ simple_tenant_usage_policies = [
    policy.DocumentedRuleDefault(
        POLICY_ROOT % 'show',
        base.RULE_ADMIN_OR_OWNER,
-        "Show usage statistics for a specific tenant.",
+        "Show usage statistics for a specific tenant",
        [
            {
                'method': 'GET',
@@ -35,7 +35,7 @@ simple_tenant_usage_policies = [
    policy.DocumentedRuleDefault(
        POLICY_ROOT % 'list',
        base.RULE_ADMIN_API,
-        "List per tenant usage statistics for all tenants.",
+        "List per tenant usage statistics for all tenants",
        [
            {
                'method': 'GET',
--- a/nova/policies/tenant_networks.py
+++ b/nova/policies/tenant_networks.py
@@ -25,8 +25,7 @@ tenant_networks_policies = [
    policy.DocumentedRuleDefault(
        BASE_POLICY_NAME,
        base.RULE_ADMIN_OR_OWNER,
-        """Creates, lists, shows information for, and deletes
+        """Create, list, show information for, and delete project networks.
 project networks.
 These APIs are proxy calls to the Network service. These are all
 deprecated.""",
--- a/nova/policies/used_limits.py
+++ b/nova/policies/used_limits.py
@@ -27,7 +27,7 @@ used_limits_policies = [
    policy.DocumentedRuleDefault(
        BASE_POLICY_NAME,
        base.RULE_ADMIN_API,
-        """Shows rate and absolute limits for the project.
+        """Show rate and absolute limits for the project.
 This policy only checks if the user has access to the requested
 project limits. And this check is performed only after the check
--- a/nova/policies/virtual_interfaces.py
+++ b/nova/policies/virtual_interfaces.py
@@ -25,7 +25,7 @@ virtual_interfaces_policies = [
    policy.DocumentedRuleDefault(
        BASE_POLICY_NAME,
        base.RULE_ADMIN_OR_OWNER,
-        """List Virtual Interfaces.
+        """List virtual interfaces.
 This works only with the nova-network service, which is now deprecated""",
        [
--- a/nova/policies/volumes.py
+++ b/nova/policies/volumes.py
@@ -25,7 +25,7 @@ volumes_policies = [
    policy.DocumentedRuleDefault(
        BASE_POLICY_NAME,
        base.RULE_ADMIN_OR_OWNER,
-        """Manages volumes for use with the Compute API.
+        """Manage volumes for use with the Compute API.
 Lists, shows details, creates, and deletes volumes and snapshots. These APIs
 are proxy calls to the Volume service. These are all deprecated.