commit 88a5bab82076e9f783f9a4857eafd1a1cf242bbc
author Felipe Monteiro <felipe.monteiro@att.com> Thu Aug 31 04:00:32 2017 +0100
committer Felipe Monteiro <felipe.monteiro@att.com> Thu Aug 31 04:00:45 2017 +0100
tree d87460ede44f239734fe96a62181d28e9ff9d653
parent 7f8993fe3c5edb9157d696f1e0b5b97f37f31032

Rename rbac_policy_parser to policy_authority

This change is a follow-up to commit

I8ba89ab5e134b15e97ac20a7aacbfd70896e192f

which introduced an abstract class from which (previously)
rbac_policy_parser and requirements authority inherit, providing
rbac_rule_validation with 2 ways of validating RBAC.

For the sake of naming consistency, rbac_policy_parser is renamed
to policy_authority. This naming scheme is better because
"policy parser" is implementation-specific and doesn't convey
what the file (and class name) do from a high-level perspective.

Because this file is only used internally to Patrole, it can be
changed without backward-compatibility concerns.

This commit also includes documentation for the policy authority
module and the rbac_rule_validation module.

Change-Id: Ie09fc2d884f9211244b062fdd5fe018970c2bb2d

patrole_tempest_plugin/rbac_rule_validation.py

diff --git a/patrole_tempest_plugin/rbac_rule_validation.py b/patrole_tempest_plugin/rbac_rule_validation.py
index 69a98e3..69274b3 100644
--- a/patrole_tempest_plugin/rbac_rule_validation.py
+++ b/patrole_tempest_plugin/rbac_rule_validation.py
@@ -23,8 +23,8 @@
 from tempest.lib import exceptions
 from tempest import test
 
+from patrole_tempest_plugin import policy_authority
 from patrole_tempest_plugin import rbac_exceptions
-from patrole_tempest_plugin import rbac_policy_parser
 from patrole_tempest_plugin import rbac_utils
 from patrole_tempest_plugin import requirements_authority
 
@@ -237,14 +237,14 @@
 
     try:
         role = CONF.patrole.rbac_test_role
-        # Test RBAC against custom requirements. Otherwise use oslo.policy
+        # Test RBAC against custom requirements. Otherwise use oslo.policy.
         if CONF.patrole.test_custom_requirements:
             authority = requirements_authority.RequirementsAuthority(
                 CONF.patrole.custom_requirements_file, service)
         else:
             formatted_target_data = _format_extra_target_data(
                 test_obj, extra_target_data)
-            authority = rbac_policy_parser.RbacPolicyParser(
+            authority = policy_authority.PolicyAuthority(
                 project_id, user_id, service,
                 extra_target_data=formatted_target_data)
         is_allowed = authority.allowed(rule, role)