Add description to policies in floating_ip files

Includes floating_ip_dns.py, floating_ip_pools.py, floating_ips_bulk.py, and floating_ip.py. blueprint policy-docs Change-Id: Ib4807c83e3f7dc88b6b6b71293937b79caf976ce
2017-04-25 18:08:16 +01:00 · 2017-04-25 18:08:16 +01:00 · 76ca5f6796
parent d3b647a000
commit 76ca5f6796
4 changed files with 110 additions and 26 deletions
--- a/nova/policies/floating_ip_dns.py
+++ b/nova/policies/floating_ip_dns.py
@ -13,8 +13,6 @@
 #    License for the specific language governing permissions and limitations
 #    under the License.

-from oslo_policy import policy
-
 from nova.policies import base


@ -23,15 +21,54 @@ POLICY_ROOT = 'os_compute_api:os-floating-ip-dns:%s'


 floating_ip_dns_policies = [
-    policy.RuleDefault(
-        name=BASE_POLICY_NAME,
-        check_str=base.RULE_ADMIN_OR_OWNER),
-    policy.RuleDefault(
-        name=POLICY_ROOT % 'domain:update',
-        check_str=base.RULE_ADMIN_API),
-    policy.RuleDefault(
-        name=POLICY_ROOT % 'domain:delete',
-        check_str=base.RULE_ADMIN_API),
+    base.create_rule_default(
+        BASE_POLICY_NAME,
+        base.RULE_ADMIN_OR_OWNER,
+        """List registered DNS domains, and CRUD actions on domain names.
+
+Note this only works with nova-network and this API is deprecated.""",
+        [
+            {
+                'method': 'GET',
+                'path': '/os-floating-ip-dns'
+            },
+            {
+                'method': 'GET',
+                'path': '/os-floating-ip-dns/{domain}/entries/{ip}'
+            },
+            {
+                'method': 'GET',
+                'path': '/os-floating-ip-dns/{domain}/entries/{name}'
+            },
+            {
+                'method': 'PUT',
+                'path': '/os-floating-ip-dns/{domain}/entries/{name}'
+            },
+            {
+                'method': 'DELETE',
+                'path': '/os-floating-ip-dns/{domain}/entries/{name}'
+            },
+        ]),
+    base.create_rule_default(
+        POLICY_ROOT % 'domain:update',
+        base.RULE_ADMIN_API,
+        "Create or update a DNS domain.",
+        [
+            {
+                'method': 'PUT',
+                'path': '/os-floating-ip-dns/{domain}'
+            }
+        ]),
+    base.create_rule_default(
+        POLICY_ROOT % 'domain:delete',
+        base.RULE_ADMIN_API,
+        "Delete a DNS domain.",
+        [
+            {
+                'method': 'DELETE',
+                'path': '/os-floating-ip-dns/{domain}'
+            }
+        ]),
 ]


--- a/nova/policies/floating_ip_pools.py
+++ b/nova/policies/floating_ip_pools.py
@ -13,8 +13,6 @@
 #    License for the specific language governing permissions and limitations
 #    under the License.

-from oslo_policy import policy
-
 from nova.policies import base


@ -22,9 +20,16 @@ BASE_POLICY_NAME = 'os_compute_api:os-floating-ip-pools'


 floating_ip_pools_policies = [
-    policy.RuleDefault(
-        name=BASE_POLICY_NAME,
-        check_str=base.RULE_ADMIN_OR_OWNER),
+    base.create_rule_default(
+        BASE_POLICY_NAME,
+        base.RULE_ADMIN_OR_OWNER,
+        "List floating IP pools. This API is deprecated.",
+        [
+            {
+                'method': 'GET',
+                'path': '/os-floating-ip-pools'
+            }
+        ]),
 ]


--- a/nova/policies/floating_ips.py
+++ b/nova/policies/floating_ips.py
@ -13,8 +13,6 @@
 #    License for the specific language governing permissions and limitations
 #    under the License.

-from oslo_policy import policy
-
 from nova.policies import base


@ -22,9 +20,36 @@ BASE_POLICY_NAME = 'os_compute_api:os-floating-ips'


 floating_ips_policies = [
-    policy.RuleDefault(
-        name=BASE_POLICY_NAME,
-        check_str=base.RULE_ADMIN_OR_OWNER),
+    base.create_rule_default(
+        BASE_POLICY_NAME,
+        base.RULE_ADMIN_OR_OWNER,
+        "Manage a project's floating IPs. These APIs are all deprecated.",
+        [
+            {
+                'method': 'POST',
+                'path': '/servers/{server_id}/action (addFloatingIp)'
+            },
+            {
+                'method': 'POST',
+                'path': '/servers/{server_id}/action (removeFloatingIp)'
+            },
+            {
+                'method': 'GET',
+                'path': '/os-floating-ips'
+            },
+            {
+                'method': 'POST',
+                'path': '/os-floating-ips'
+            },
+            {
+                'method': 'GET',
+                'path': '/os-floating-ips/{floating_ip_id}'
+            },
+            {
+                'method': 'DELETE',
+                'path': '/os-floating-ips/{floating_ip_id}'
+            },
+        ]),
 ]


--- a/nova/policies/floating_ips_bulk.py
+++ b/nova/policies/floating_ips_bulk.py
@ -13,8 +13,6 @@
 #    License for the specific language governing permissions and limitations
 #    under the License.

-from oslo_policy import policy
-
 from nova.policies import base


@ -22,9 +20,28 @@ BASE_POLICY_NAME = 'os_compute_api:os-floating-ips-bulk'


 floating_ips_bulk_policies = [
-    policy.RuleDefault(
-        name=BASE_POLICY_NAME,
-        check_str=base.RULE_ADMIN_API),
+    base.create_rule_default(
+        BASE_POLICY_NAME,
+        base.RULE_ADMIN_API,
+        "Bulk-create, delete, and list floating IPs. API is deprecated.",
+        [
+            {
+                'method': 'GET',
+                'path': '/os-floating-ips-bulk'
+            },
+            {
+                'method': 'POST',
+                'path': '/os-floating-ips-bulk'
+            },
+            {
+                'method': 'PUT',
+                'path': '/os-floating-ips-bulk/delete'
+            },
+            {
+                'method': 'GET',
+                'path': '/os-floating-ips-bulk/{host_name}'
+            },
+        ]),
 ]