Enhance rbac policy parser to correctly interpret user_id policy actions. Currently, while nova in some places uses policy actions that contain the syntax "user_id: %(user_id)s" [0], the rbac policy parser in Patrole cannot understand it. This patch enhances the rbac policy parser to correctly understand policy actions containing the above syntax. [0] https://github.com/openstack/nova/blob/master/nova/policies/keypairs.py Closes-Bug: #1669211 Change-Id: Ibb76d9353e680e5a9557e8d5dcb848ee7b5652f7 Needed-By: Ib2ebe58ccab8e334e073626eddb45bcb3a91a3f7

commit: 889264e90f0b2d469c5e99dd16c0dcbe130813e1 [log] [tgz]
author: Felipe Monteiro <felipe.monteiro@att.com> Wed Mar 01 17:19:35 2017 -0500
committer: Felipe Monteiro <felipe.monteiro@att.com> Thu Mar 02 10:58:46 2017 -0500
tree: d1e9a25f887c2c71ca3261e28674e77887d35284
parent: c41f2609a3128231f96a8ebf2ba5a6ba9d40be4e [diff] [blame]
diff --git a/patrole_tempest_plugin/rbac_auth.py b/patrole_tempest_plugin/rbac_auth.py
index 40a46a7..e4e35b1 100644
--- a/patrole_tempest_plugin/rbac_auth.py
+++ b/patrole_tempest_plugin/rbac_auth.py

@@ -21,9 +21,9 @@
 
 
 class RbacAuthority(object):
-    def __init__(self, tenant_id, service=None):
-        self.converter = rbac_policy_parser.RbacPolicyParser(tenant_id,
-                                                             service)
+    def __init__(self, tenant_id, user_id, service=None):
+        self.converter = rbac_policy_parser.RbacPolicyParser(
+            tenant_id, user_id, service)
 
     def get_permission(self, rule_name, role):
         try:
commit	889264e90f0b2d469c5e99dd16c0dcbe130813e1	[log] [tgz]
author	Felipe Monteiro <felipe.monteiro@att.com>	Wed Mar 01 17:19:35 2017 -0500
committer	Felipe Monteiro <felipe.monteiro@att.com>	Thu Mar 02 10:58:46 2017 -0500
tree	d1e9a25f887c2c71ca3261e28674e77887d35284
parent	c41f2609a3128231f96a8ebf2ba5a6ba9d40be4e [diff] [blame]