Add rbac_utils is_admin helper method This patch adds a helper method to rbac_utils.RbacUtils called ``is_admin`` which returns True if the current RBAC test role is equal to the admin role defined in tempest.conf (i.e. CONF.rbac.rbac_test_role == CONF.identity.admin_role). This makes it easier to check this equivalence in a test by simply running: if self.rbac_utils.is_admin: do something Change-Id: I0efb005f90ac77449453f6b68a010ec64e7a03f7

commit: 17e9b49f4849d1e2900bf087d7c8b059c135b48b [log] [tgz]
author: Felipe Monteiro <felipe.monteiro@att.com> Sat May 27 05:45:20 2017 +0100
committer: Felipe Monteiro <felipe.monteiro@att.com> Thu Jun 01 15:42:03 2017 +0000
tree: 3f026d33e962adb7fd046e1622f78610a959529b
parent: eeb271a21ef1bdcda060643b970ecff15c30b1a1 [diff] [blame]
diff --git a/patrole_tempest_plugin/rbac_rule_validation.py b/patrole_tempest_plugin/rbac_rule_validation.py
index c63ef90..ba04a30 100644
--- a/patrole_tempest_plugin/rbac_rule_validation.py
+++ b/patrole_tempest_plugin/rbac_rule_validation.py

@@ -81,7 +81,7 @@
                 LOG.info("As admin_only is True, only admin role should be "
                          "allowed to perform the API. Skipping oslo.policy "
                          "check for policy action {0}.".format(rule))
-                allowed = CONF.rbac.rbac_test_role == CONF.identity.admin_role
+                allowed = test_obj.rbac_utils.is_admin
             else:
                 allowed = _is_authorized(test_obj, service, rule,
                                          extra_target_data)
commit	17e9b49f4849d1e2900bf087d7c8b059c135b48b	[log] [tgz]
author	Felipe Monteiro <felipe.monteiro@att.com>	Sat May 27 05:45:20 2017 +0100
committer	Felipe Monteiro <felipe.monteiro@att.com>	Thu Jun 01 15:42:03 2017 +0000
tree	3f026d33e962adb7fd046e1622f78610a959529b
parent	eeb271a21ef1bdcda060643b970ecff15c30b1a1 [diff] [blame]