** Changed in: keystone
Status: Fix Released => Fix Committed
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1675822
Title:
Allow policy actions in code to be importable for RBAC testing
Status in OpenStack Identity (keystone):
Fix Committed
Bug description:
Now that Keystone is defining all of its policy actions in code, it is
no longer possible to read the keystone policy.json in order to
retrieve an exhaustive list of all the Keystone policy actions,
necessary for RBAC testing by Patrole.
Currently, Nova has its policy actions in code [0] and allows them to
be imported via setup.cfg [1].
Keystone can do the same thing as Nova by adding
oslo.policy.policies =
keystone = keystone.common.policies:list_rules
to its setup.cfg.
Moreover, oslo.policy currently uses the "oslo.policy.policies"
extension by default [2] in order to generate a sample policy file.
This bug fix, therefore, solves both issues.
[0] https://github.com/openstack/nova/blob/master/nova/policies/__init__.py
[1] https://github.com/openstack/nova/blob/master/setup.cfg
[2]
https://github.com/openstack/oslo.policy/blob/master/oslo_policy/generator.py
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1675822/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : yahoo-eng-team@lists.launchpad.net
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
