Add support for the oslo_policy/enforce_scope parameter

Change-Id: I4f868e7054cc83ec09b0c97be6e341e53fd952e6

manifests/policy.pp

@@ -7,6 +7,10 @@
 #
 # === Parameters:
 #
+# [*enforce_scope*]
+#  (Optional) Whether or not to enforce scope when evaluating policies.
+#  Defaults to $::os_service_default.
+#
 # [*policy_file*]
 #  (Optional) The JSON file that defines policies. (string value)
 #  Defaults to $::os_service_default.
@@ -25,6 +29,7 @@
 #  Defaults to $::os_service_default.
 #
 define oslo::policy(
+  $enforce_scope       = $::os_service_default,
   $policy_file         = $::os_service_default,
   $policy_default_rule = $::os_service_default,
   $policy_dirs         = $::os_service_default,
@@ -36,6 +41,7 @@ define oslo::policy(
   }
 
   $policy_options = {
+    'oslo_policy/enforce_scope'       => { value => $enforce_scope },
     'oslo_policy/policy_file'         => { value => $policy_file },
     'oslo_policy/policy_default_rule' => { value => $policy_default_rule },
     'oslo_policy/policy_dirs'         => { value => $policy_dirs_orig },

releasenotes/notes/oslo_policy-enforce_scope-a65d9a5e538a05e6.yaml

@@ -0,0 +1,5 @@
+---
+features:
+  - |
+    The new ``oslo::policy::enforce_scope`` parameter has been added to support
+    the corresponding parameter in oslo.policy library.

spec/defines/oslo_policy_spec.rb

@@ -8,6 +8,7 @@ describe 'oslo::policy' do
 
     context 'with default parameters' do
       it 'configure oslo_policy default params' do
+        is_expected.to contain_keystone_config('oslo_policy/enforce_scope').with_value('<SERVICE DEFAULT>')
         is_expected.to contain_keystone_config('oslo_policy/policy_file').with_value('<SERVICE DEFAULT>')
         is_expected.to contain_keystone_config('oslo_policy/policy_default_rule').with_value('<SERVICE DEFAULT>')
         is_expected.to contain_keystone_config('oslo_policy/policy_dirs').with_value('<SERVICE DEFAULT>')
@@ -17,6 +18,7 @@ describe 'oslo::policy' do
     context 'with overridden parameters' do
       let :params do
         {
+          :enforce_scope       => false,
           :policy_file         => '/path/to/policy.file',
           :policy_default_rule => 'some rule',
           :policy_dirs         => ['dir1', '/dir/2'],
@@ -24,6 +26,7 @@ describe 'oslo::policy' do
       end
 
       it 'configures oslo_policy section' do
+        is_expected.to contain_keystone_config('oslo_policy/enforce_scope').with_value(false)
         is_expected.to contain_keystone_config('oslo_policy/policy_file').with_value('/path/to/policy.file')
         is_expected.to contain_keystone_config('oslo_policy/policy_default_rule').with_value('some rule')
         is_expected.to contain_keystone_config('oslo_policy/policy_dirs').with_value('dir1,/dir/2')