Throw skipException for invalid policy actions.

Currently, if an invalid policy action is passed to the
rbac_rule_validation.action decorator, then
rbac_policy_parser.RbacPolicyParser.allowed => false to
rbac_auth.RbacAuthority.get_permission => false to allowed in
rbac_rule_validation. At this point, if the test passes, then
an OverPermission error is thrown, which is nonsensical. If
the test fails, then the test will silently pass. This is very
bad.

Instead, the Patrole framework should be changed to throw a
skipException if the policy action that is passed to the
decorator is invalid, with a detailed error message as to
what happened. The reason why a skipException should be
thrown is because of backwards compatibility: since policy
actions change all the time, they are not
backwards-compatible. Failing the test in a previous version
of, say, Nova, will make adopting Patrole for testing in
earlier OS releases more challenging, because failures might
occur everywhere, since the policy actions probably won't exist
in either the default policy file or a custom policy file.
Also, expecting a failure is not appropriate either, since
there is no perfect correlation between the policy action
being passed in and the logic inside the test. (For example,
it is possible to set the policy action to "foo", then call
"nova list" -- the test will probably pass, causing the
expected failure to fail.)

This patch throws a skipException if an invalid policy action
is passed to the rbac_rule_validation.action decorator.

Change-Id: I7ef87417e1bb05450e9e750bc605aa34d985c835
Implements: blueprint skip-invalid-policy-actions
6 files changed
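
The behaviour the commit message describes, as an added sketch that is not Patrole's own code: an RBAC test decorator that skips, rather than passing or failing, when the policy action is unknown. The names `POLICY`, `action`, `outcome`, `Forbidden`, `OverPermission`, `list_servers` and `delete_server` are hypothetical, and the policy table is constructed.

```python
import functools
import unittest

# Constructed policy table standing in for a parsed policy file.
POLICY = {"compute:list": {"admin", "member"}, "compute:delete": {"admin"}}

class Forbidden(Exception):
    """Stands in for the service denying the call (HTTP 403)."""

class OverPermission(Exception):
    """The call succeeded although the policy denies the role."""

def action(rule, role):
    """Hypothetical decorator: check a test's outcome against POLICY."""
    def decorator(test):
        @functools.wraps(test)
        def wrapper(*args, **kwargs):
            if rule not in POLICY:
                # Unknown action: "denied" cannot be told apart from
                # "not in this release", so skip with an explicit reason.
                raise unittest.SkipTest("policy action %r not found" % rule)
            allowed = role in POLICY[rule]
            try:
                test(*args, **kwargs)
            except Forbidden:
                if allowed:
                    raise  # policy allows the role: a real failure
                return  # denied, as the policy expects
            if not allowed:
                raise OverPermission("%s succeeded for %s" % (rule, role))
        return wrapper
    return decorator

def outcome(rule, role, api_call):
    """Run api_call under the decorator and name the result."""
    try:
        action(rule, role)(api_call)()
    except unittest.SkipTest:
        return "skipped"
    except OverPermission:
        return "over-permission"
    except Forbidden:
        return "failed"
    return "passed"

def list_servers():  # constructed call that any role can make
    return ["vm-1"]

def delete_server():  # constructed call the service denies
    raise Forbidden()
```

With the membership check removed and an unknown action treated as "not allowed", `outcome("foo", "member", list_servers)` would report over-permission and `outcome("foo", "member", delete_server)` would pass silently, which are the two cases the message calls out.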