Add tests for Policy-Management and BGPVPN.

http://www.opencontrail.org/documentation/api/r5.0/contrail_openapi.html#policy-management-label
http://www.opencontrail.org/documentation/api/r5.0/contrail_openapi.html#bgpvpn-label
diff --git a/tungsten_tempest_plugin/tests/api/contrail/test_bgpvpn.py b/tungsten_tempest_plugin/tests/api/contrail/test_bgpvpn.py
new file mode 100644
index 0000000..2034b27
--- /dev/null
+++ b/tungsten_tempest_plugin/tests/api/contrail/test_bgpvpn.py
@@ -0,0 +1,101 @@
+"""Tempest Suite for Contrail BGP_VPN."""
+# Copyright 2018 AT&T Intellectual Property.
+# All other rights reserved.
+#
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
+#    not use this file except in compliance with the License. You may obtain
+#    a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#    License for the specific language governing permissions and limitations
+#    under the License.
+
+from patrole_tempest_plugin import rbac_rule_validation
+from tempest import config
+from tempest.lib.common.utils import data_utils
+from tempest.lib import decorators
+
+from tungsten_tempest_plugin.tests.api.contrail import rbac_base
+
+CONF = config.CONF
+
+
+class BgpvpnTest(rbac_base.BaseContrailTest):
+    """Test suite for validating RBAC functionality of 'bgpvpn' API."""
+
+    @classmethod
+    def skip_checks(cls):
+        super(BgpvpnTest, cls).skip_checks()
+        if float(CONF.sdn.contrail_version) < 4:
+            msg = "bgpvpn requires Contrail >= 4"
+            raise cls.skipException(msg)
+
+    @classmethod
+    def resource_setup(cls):
+        """Create Bgpvpn to use across the Suite."""
+        super(BgpvpnTest, cls).resource_setup()
+        cls.bgpvpn_uuid = cls._create_bgpvpn()
+
+    @classmethod
+    def _create_bgpvpn(cls):
+        """Create Bgpvpn."""
+        bgpvpn_name = data_utils.rand_name('test-bgpvpn')
+        bgpvpn_fq_name = ['default-domain', cls.tenant_name, bgpvpn_name]
+        resp_body = cls.contrail_client.create_bgpvpn(
+            parent_type='project',
+            fq_name=bgpvpn_fq_name)
+        bgpvpn_uuid = resp_body['bgpvpn']['uuid']
+        cls.addClassResourceCleanup(
+            cls._try_delete_resource,
+            cls.contrail_client.delete_bgpvpn,
+            bgpvpn_uuid)
+        return bgpvpn_uuid
+
+    @rbac_rule_validation.action(service="Contrail",
+                                 rules=["list_bgpvpns"])
+    @decorators.idempotent_id('65afb5d5-52cb-484c-9e8e-42509be7dd77')
+    def test_list_bgpvpns(self):
+        """Test whether current role can list of bgpvpns."""
+        with self.rbac_utils.override_role(self):
+            self.contrail_client.list_bgpvpns()
+
+    @rbac_rule_validation.action(service="Contrail",
+                                 rules=["create_bgpvpns"])
+    @decorators.idempotent_id('c3a7510c-c8d6-4736-9962-5c1aa032bf79')
+    def test_create_bgpvpns(self):
+        """Test whether current role can create bgpvpn."""
+        with self.rbac_utils.override_role(self):
+            self._create_bgpvpn()
+
+    @rbac_rule_validation.action(service="Contrail",
+                                 rules=["show_bgpvpn"])
+    @decorators.idempotent_id('2fd05ca2-97d8-477c-aead-a881a2ba5e7e')
+    def test_show_bgpvpn(self):
+        """Test whether current role can get bgpvpn details."""
+        with self.rbac_utils.override_role(self):
+            self.contrail_client.show_bgpvpn(
+                self.bgpvpn_uuid)
+
+    @rbac_rule_validation.action(service="Contrail",
+                                 rules=["delete_bgpvpn"])
+    @decorators.idempotent_id('919aa2bb-1556-4dcf-bbef-0a31f9c6464b')
+    def test_delete_bgpvpn(self):
+        """Test whether current role can delete bgpvpn details."""
+        new_bgpvpn_uuid = self._create_bgpvpn()
+        with self.rbac_utils.override_role(self):
+            self.contrail_client.delete_bgpvpn(
+                new_bgpvpn_uuid)
+
+    @rbac_rule_validation.action(service="Contrail",
+                                 rules=["update_bgpvpn"])
+    @decorators.idempotent_id('ae734791-eaeb-4ca9-908a-59d0eac1a3c0')
+    def test_update_bgpvpn(self):
+        """Test whether current role can update bgpvpn."""
+        with self.rbac_utils.override_role(self):
+            self.contrail_client.update_bgpvpn(
+                self.bgpvpn_uuid,
+                display_name=data_utils.rand_name('test-bgpvpn'))
diff --git a/tungsten_tempest_plugin/tests/api/contrail/test_policy_management.py b/tungsten_tempest_plugin/tests/api/contrail/test_policy_management.py
new file mode 100644
index 0000000..1e36958
--- /dev/null
+++ b/tungsten_tempest_plugin/tests/api/contrail/test_policy_management.py
@@ -0,0 +1,121 @@
+"""Tempest Suite for Policy Management of Contrail."""
+# Copyright 2018 AT&T Corp
+# All Rights Reserved.
+#
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
+#    not use this file except in compliance with the License. You may obtain
+#    a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#    License for the specific language governing permissions and limitations
+#    under the License.
+
+from patrole_tempest_plugin import rbac_rule_validation
+from tempest import config
+from tempest.lib.common.utils import data_utils
+from tempest.lib import decorators
+
+from tungsten_tempest_plugin.tests.api.contrail import rbac_base
+
+CONF = config.CONF
+
+
+class PolicyManagementTest(rbac_base.BaseContrailTest):
+    """Class to test the Policy Management of  Contrail."""
+
+    @classmethod
+    def skip_checks(cls):
+        """Skip the Suite if the Contrail version is less than five."""
+        super(PolicyManagementTest, cls).skip_checks()
+        if float(CONF.sdn.contrail_version) < 5:
+            msg = "policy_management requires Contrail >= 5"
+            raise cls.skipException(msg)
+
+    @classmethod
+    def resource_setup(cls):
+        """Create Policy Management to use across the Suite."""
+        super(PolicyManagementTest, cls).resource_setup()
+        cls.policy_management_uuid = cls._create_policy_management()
+
+    @classmethod
+    def _create_policy_management(cls):
+        """Create a Policy Management."""
+        fq_name = data_utils.rand_name('policy-management')
+        post_body = {
+            'parent_type': 'project',
+            'fq_name': ["default-domain", cls.tenant_name, fq_name]
+        }
+        resp_body = cls.contrail_client.create_policy_management(
+            **post_body)
+        policy_management_uuid = resp_body['policy-management']['uuid']
+        cls.addClassResourceCleanup(
+            cls._try_delete_resource,
+            cls.contrail_client.delete_policy_management,
+            policy_management_uuid)
+        return policy_management_uuid
+
+    @rbac_rule_validation.action(service="Contrail",
+                                 rules=["create_policy_management"])
+    @decorators.idempotent_id('8fc56caa-fe8c-487f-8da6-579ae56dc831')
+    def test_create_policy_management(self):
+        """Create policy_management.
+
+        RBAC test for the Contrail create_policy_management policy
+        """
+        with self.rbac_utils.override_role(self):
+            self._create_policy_management()
+
+    @rbac_rule_validation.action(service="Contrail",
+                                 rules=["list_policy_management"])
+    @decorators.idempotent_id('5bfb007b-70d3-48f2-91ce-dc2ff471fe34')
+    def test_list_policy_managements(self):
+        """List policy_managements.
+
+        RBAC test for the Contrail list_policy_managements policy
+        """
+        with self.rbac_utils.override_role(self):
+            self.contrail_client.list_policy_managements()
+
+    @rbac_rule_validation.action(service="Contrail",
+                                 rules=["show_policy_management"])
+    @decorators.idempotent_id('a62737ec-dae9-4c26-8474-c4352c578607')
+    def test_show_policy_management(self):
+        """Show policy_management.
+
+        RBAC test for the Contrail show_policy_management policy
+        """
+        with self.rbac_utils.override_role(self):
+            self.contrail_client.\
+                show_policy_management(self.policy_management_uuid)
+
+    @rbac_rule_validation.action(service="Contrail",
+                                 rules=["delete_policy_management"])
+    @decorators.idempotent_id('1a3515ce-ce89-42e0-a4aa-a6c80eed4a7e')
+    def test_delete_policy_management(self):
+        """Delete policy_management.
+
+        RBAC test for the Contrail delete_policy_management policy
+        """
+        obj_uuid = self._create_policy_management()
+        with self.rbac_utils.override_role(self):
+            self.contrail_client.\
+                delete_policy_management(obj_uuid)
+
+    @rbac_rule_validation.action(service="Contrail",
+                                 rules=["update_service_object"])
+    @decorators.idempotent_id('833de029-cd09-4929-a40e-ddf521381474')
+    def test_update_policy_management(self):
+        """Update policy_management.
+
+        RBAC test for the Contrail update_policy_management policy
+        """
+        put_body = {
+            'display_name': data_utils.rand_name(
+                'update_policy_management')}
+        with self.rbac_utils.override_role(self):
+            self.contrail_client.update_policy_management(
+                self.policy_management_uuid, **put_body)