Merge "Add tests for update group types for volume module"
diff --git a/patrole_tempest_plugin/policy_authority.py b/patrole_tempest_plugin/policy_authority.py
index 3f4236b..6851942 100644
--- a/patrole_tempest_plugin/policy_authority.py
+++ b/patrole_tempest_plugin/policy_authority.py
@@ -292,8 +292,9 @@
def _try_rule(self, apply_rule, target, access_data, o):
if apply_rule not in self.rules:
- message = "Policy action: {0} not found in policy file: {1}."\
- .format(apply_rule, self.path)
+ message = ("Policy action \"{0}\" not found in policy file: {1} or"
+ " among registered policy in code defaults for service."
+ ).format(apply_rule, self.path)
LOG.debug(message)
raise rbac_exceptions.RbacParsingException(message)
else:
diff --git a/patrole_tempest_plugin/tests/api/compute/test_server_rbac.py b/patrole_tempest_plugin/tests/api/compute/test_server_rbac.py
index b95ebd5..a9d746c 100644
--- a/patrole_tempest_plugin/tests/api/compute/test_server_rbac.py
+++ b/patrole_tempest_plugin/tests/api/compute/test_server_rbac.py
@@ -51,7 +51,13 @@
@decorators.idempotent_id('4f34c73a-6ddc-4677-976f-71320fa855bd')
def test_create_server(self):
with self.rbac_utils.override_role(self):
- self.create_test_server(wait_until='ACTIVE')
+ server = self.servers_client.create_server(
+ name=data_utils.rand_name(self.__class__.__name__ + '-Server'),
+ flavorRef=CONF.compute.flavor_ref,
+ imageRef=CONF.compute.image_ref)['server']
+ self.addCleanup(waiters.wait_for_server_termination,
+ self.servers_client, server['id'])
+ self.addCleanup(self.servers_client.delete_server, server['id'])
@rbac_rule_validation.action(
service="nova",
@@ -70,8 +76,14 @@
availability_zone = 'nova:' + host
with self.rbac_utils.override_role(self):
- self.create_test_server(wait_until='ACTIVE',
- availability_zone=availability_zone)
+ server = self.servers_client.create_server(
+ name=data_utils.rand_name(self.__class__.__name__ + '-Server'),
+ flavorRef=CONF.compute.flavor_ref,
+ imageRef=CONF.compute.image_ref,
+ availability_zone=availability_zone)['server']
+ self.addCleanup(waiters.wait_for_server_termination,
+ self.servers_client, server['id'])
+ self.addCleanup(self.servers_client.delete_server, server['id'])
@utils.services('volume')
@rbac_rule_validation.action(
@@ -86,7 +98,6 @@
imageRef=CONF.compute.image_ref,
size=CONF.volume.volume_size)['id']
- server_name = data_utils.rand_name(self.__class__.__name__ + "-server")
bd_map_v2 = [{'uuid': volume_id,
'source_type': 'volume',
'destination_type': 'volume',
@@ -96,8 +107,11 @@
with self.rbac_utils.override_role(self):
# Use image_id='' to avoid using the default image in tempest.conf.
- server = self.create_test_server(name=server_name, image_id='',
- **device_mapping)
+ server = self.servers_client.create_server(
+ name=data_utils.rand_name(self.__class__.__name__ + '-Server'),
+ flavorRef=CONF.compute.flavor_ref,
+ imageRef='',
+ **device_mapping)['server']
# Delete the server and wait for the volume to become available to
# avoid clean up errors.
self.addCleanup(test_utils.call_and_ignore_notfound_exc,
@@ -138,8 +152,11 @@
network_id = {'uuid': network['id']}
with self.rbac_utils.override_role(self):
- server = self.create_test_server(wait_until='ACTIVE',
- networks=[network_id])
+ server = self.servers_client.create_server(
+ name=data_utils.rand_name(self.__class__.__name__ + '-Server'),
+ flavorRef=CONF.compute.flavor_ref,
+ imageRef=CONF.compute.image_ref,
+ networks=[network_id])['server']
self.addCleanup(waiters.wait_for_server_termination,
self.servers_client, server['id'])
self.addCleanup(self.servers_client.delete_server, server['id'])
diff --git a/patrole_tempest_plugin/tests/unit/test_policy_authority.py b/patrole_tempest_plugin/tests/unit/test_policy_authority.py
index db651fc..d2074e7 100644
--- a/patrole_tempest_plugin/tests/unit/test_policy_authority.py
+++ b/patrole_tempest_plugin/tests/unit/test_policy_authority.py
@@ -269,8 +269,10 @@
test_tenant_id, test_user_id, "custom_rbac_policy")
fake_rule = 'fake_rule'
- expected_message = "Policy action: {0} not found in policy file: {1}."\
- .format(fake_rule, self.custom_policy_file)
+ expected_message = (
+ "Policy action \"{0}\" not found in policy file: {1} or among "
+ "registered policy in code defaults for service.").format(
+ fake_rule, self.custom_policy_file)
e = self.assertRaises(rbac_exceptions.RbacParsingException,
authority.allowed, fake_rule, None)
@@ -289,9 +291,10 @@
**{'__getitem__.return_value.side_effect': Exception(
mock.sentinel.error)})
- expected_message = "Policy action: {0} not found in "\
- "policy file: {1}.".format(mock.sentinel.rule,
- self.custom_policy_file)
+ expected_message = (
+ "Policy action \"{0}\" not found in policy file: {1} or among "
+ "registered policy in code defaults for service.").format(
+ mock.sentinel.rule, self.custom_policy_file)
e = self.assertRaises(rbac_exceptions.RbacParsingException,
authority.allowed, mock.sentinel.rule, None)
diff --git a/test-requirements.txt b/test-requirements.txt
index 0437566..7a4ec28 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -3,7 +3,7 @@
# process, which may cause wedges in the gate later.
hacking>=1.0.0 # Apache-2.0
-sphinx>=1.6.2 # BSD
+sphinx!=1.6.6,>=1.6.2 # BSD
openstackdocstheme>=1.17.0 # Apache-2.0
reno>=2.5.0 # Apache-2.0
fixtures>=3.0.0 # Apache-2.0/BSD