commit 029d8c31267758d60c7f28f81ddb27d25f2fdd65
author DavidPurcell <david.purcell@att.com> Fri Jan 06 15:27:41 2017 -0500
committer DavidPurcell <david.purcell@att.com> Fri Jan 13 11:37:30 2017 -0500
tree 5a2daee0144ca4a7fb4d3d0db53ccd6e1f7b2854
parent 663aedfe4619a278a3abd224bd4f0909e5d9dea7

Initial functionality framework.
Includes:
rbac_util - Utility for switching between roles for tests.
rbac_auth - Determines if a given role is valid for a given api call.
rbac_rule_validation - Determines if a allowed proper access and denied improper access (403 error)
rbac_role_converter - Converts policy.json files into a list of api's and the roles that can access them.

One example rbac_base in tests/api/rbac_base
One example test in tests/api/images/test_images_rbac.py

New config settings for rbac_flag, rbac_test_role, and rbac_roles

Implements bp: initial-framework
Co-Authored-By: Sangeet Gupta <sg774j@att.com>
Co-Authored-By: Rick Bartra <rb560u@att.com>
Co-Authored-By: Felipe Monteiro <felipe.monteiro@att.com>
Co-Authored-By: Anthony Bellino <ab2434@att.com>
Co-Authored-By: Avishek Dutta <ad620p@att.com>

Change-Id: Ic97b2558ba33ab47ac8174ae37629d36ceb1c9de

patrole_tempest_plugin/config.py

diff --git a/patrole_tempest_plugin/config.py b/patrole_tempest_plugin/config.py
index b0f25fd..2b20391 100644
--- a/patrole_tempest_plugin/config.py
+++ b/patrole_tempest_plugin/config.py
@@ -17,3 +17,17 @@
 
 rbac_group = cfg.OptGroup(name='rbac',
                           title='RBAC testing options')
+
+RbacGroup = [
+    cfg.StrOpt('rbac_test_role',
+               default='admin',
+               help="The current RBAC role against which to run"
+                    " Patrole tests."),
+    cfg.BoolOpt('rbac_flag',
+                default=False,
+                help="Enables RBAC tests."),
+    cfg.ListOpt('rbac_roles',
+                default=['admin'],
+                help="List of RBAC roles found in the policy files "
+                     "under testing."),
+]