Limit exception handling to calls within override_role
Motivation: prevents false positives caused by test
exceptions matching the expected exception before or
after the ``override_role`` context is called.
This patchset changes expected_error_codes behavior [0] by checking
errors explicitly outside the override_role context. This is done
by introducing a new function to rbac_rule_validation that is
used for validating that the expected exception isn't raised too
early (before ``override_role`` call) or too late (after
``override_call``) or at all (which is a bad test).
This means that exceptions raised prior to override_role
call result in failure. The same goes for exceptions raised
after override_role -- except for those that are an instance
of BasePatroleException (which is valid for things like
RbacMalformedResponse getting raised intentionally).
The new exception that is introduced is called
RbacOverrideRoleException.
Unit tests are added for all validation scenarios described
above.
[0] https://storyboard.openstack.org/#!/story/2003297
Story: 2003297
Task: 24246
Co-Authored-By: Felipe Monteiro <felipe.monteiro@att.com>
Change-Id: Iae9a58640463093f6dda20d40261b20051be2820
6 files changed