Add service validation to Patrole framework Verify that the service being passed in the rbac_rule_validation decorator is a valid service. The Tempest Identity v3 services_client is being used to make a call to Keystone to list the services that are available. If an invalid service is passed in the decorator, then an exception is thrown. Change-Id: I3de3fccf18456bb8382864eeabcbfe64e2cffebb Implements: blueprint add-service-validation

commit: 503c557c2510803618992b0f64bc450735420c16 [log] [tgz]
author: Rick Bartra <rb560u@att.com> Thu Mar 09 13:49:58 2017 -0500
committer: Felipe Monteiro <felipe.monteiro@att.com> Sun Mar 12 02:08:55 2017 +0000
tree: 04551fa5f07160ec0ecd4e47b06625e83cddcfb1
parent: 2b77d3c168c37492a7ab897243ca596225b96453 [diff] [blame]
diff --git a/patrole_tempest_plugin/rbac_rule_validation.py b/patrole_tempest_plugin/rbac_rule_validation.py
index 36784b7..284d8f0 100644
--- a/patrole_tempest_plugin/rbac_rule_validation.py
+++ b/patrole_tempest_plugin/rbac_rule_validation.py

@@ -41,6 +41,12 @@
 
             try:
                 func(*args)
+            except rbac_exceptions.RbacInvalidService as e:
+                    msg = ("%s is not a valid service." % service)
+                    LOG.error(msg)
+                    raise exceptions.NotFound(
+                        "%s RbacInvalidService was: %s" %
+                        (msg, e))
             except exceptions.Forbidden as e:
                 if allowed:
                     msg = ("Role %s was not allowed to perform %s." %
commit	503c557c2510803618992b0f64bc450735420c16	[log] [tgz]
author	Rick Bartra <rb560u@att.com>	Thu Mar 09 13:49:58 2017 -0500
committer	Felipe Monteiro <felipe.monteiro@att.com>	Sun Mar 12 02:08:55 2017 +0000
tree	04551fa5f07160ec0ecd4e47b06625e83cddcfb1
parent	2b77d3c168c37492a7ab897243ca596225b96453 [diff] [blame]