)]}'
{
  "log": [
    {
      "commit": "e0f35503c90bee01666ee252689738c7c2042ce8",
      "tree": "fc80d222332c6925886acec96e4192d30636569d",
      "parents": [
        "c38aca7587f526dbea4b3337b0a4822ae837d4ea"
      ],
      "author": {
        "name": "Mykola Yakovliev",
        "email": "VegasQ@gmail.com",
        "time": "Wed Sep 26 18:26:57 2018 -0500"
      },
      "committer": {
        "name": "Mykola Yakovliev",
        "email": "myakovliev@mirantis.com",
        "time": "Wed Oct 31 20:45:13 2018 +0000"
      },
      "message": "Multi role RBAC validation\n\nThis patchset replaces ``CONF.patrole.rbac_test_role`` with\n``CONF.patrole.rbac_test_roles``, where instead of single role\nwe can specify list of roles to be assigned to test user.\n\nChange-Id: Ia68bcbdbb523dfe7c4abd6107fb4c426a566ae9d\n"
    },
    {
      "commit": "f16b6b3a1df654cfc98256ab1dd92ad4e719c369",
      "tree": "d757fcb089c63b21c7fffd8db1f8fc94c6f6e942",
      "parents": [
        "556094d276d79b7f320e5557aee93d7f029a1363"
      ],
      "author": {
        "name": "Felipe Monteiro",
        "email": "felipe.monteiro@att.com",
        "time": "Thu Jun 28 19:32:59 2018 -0400"
      },
      "committer": {
        "name": "Felipe Monteiro",
        "email": "felipe.monteiro@att.com",
        "time": "Fri Jun 29 04:51:33 2018 +0000"
      },
      "message": "Update overpermission/underpermission rbac exceptions\n\nThis patchset updates rbac_exceptions by bringing the concept\nof under-permission and over-permission together. An over-permission\noccurs when an unauthorized role is allowed to perform an action\nand an under-permission occurs when an authorized role is not\nallowed to perform an action. Both of these are important failure\nscenarios.\n\nCurrent Patrole has an RbacOverPermission Exception but uses\na \"Forbidden\" as a pseudonym for the under-permission version\nbut this is not ideal for the following reasons:\n\n* Patrole can expect a 404 Not Found due to Neutron policy enforcement [0]\n* The naming is inconsistent with RbacOverPermission\n* It should have a Patrole wrapper exception (NotFound is used directly\n  from Tempest)\n\nSo, this patchset:\n\n* renames RbacOverPermission to RbacOverPermissionException\n* replaces Forbidden exception with RbacUnderPermissionException\n* updates documentation, docstrings and unit tests\n\nIn addition, this patchset introduces a new exception called\nRbacExpectedWrongException which is raised when the expected\nexception does not match the actual exception and both are instances\nof 403 and 404, which means that the RBAC test uses the wrong\nexpected_error_codes.\n\nChange-Id: I681610448cbe0269f02c34ea6afaaaf29c306121\n"
    },
    {
      "commit": "66d54a926674c1c60a2c0f3586b3dd6e938e2b89",
      "tree": "10f62e507af036b8bdc8b968b981516d59bb133a",
      "parents": [
        "9f42552b1aeb615cc7c705156fe0392184e581e8"
      ],
      "author": {
        "name": "Felipe Monteiro",
        "email": "felipe.monteiro@att.com",
        "time": "Thu May 31 20:08:35 2018 +0100"
      },
      "committer": {
        "name": "Felipe Monteiro",
        "email": "felipe.monteiro@att.com",
        "time": "Sat Jun 09 00:30:30 2018 -0400"
      },
      "message": "Docs: Add requirements authority module to documentation\n\nThis patchset includes documentation on the rbac_authority\nand the requirements_authority modules. In addition,\nthe documentation for the policy_authority module is\nexpanded. All 3 modules are explained together, explaining\nthat the rbac_authority module contains an abstract\nclass consumed by the classes in the other two modules.\n\nThe use cases for each validation approach is also included\nin the documentation.\n\nFinally, some documentation syntax issues are corrected.\n\nChange-Id: I33bbe2da67683faafd0749b687b99237ac815009\n"
    },
    {
      "commit": "97117b0cc1b6c0f2462a66951bfbee2ee6310041",
      "tree": "d9caaf95787844d110705942d8f15dad5e91b907",
      "parents": [
        "1f2ba24f4df09ba3711aa520bdf1bedb63e7797a"
      ],
      "author": {
        "name": "Felipe Monteiro",
        "email": "felipe.monteiro@att.com",
        "time": "Wed May 23 16:31:23 2018 -0700"
      },
      "committer": {
        "name": "Felipe Monteiro",
        "email": "felipe.monteiro@att.com",
        "time": "Wed May 23 16:38:11 2018 -0700"
      },
      "message": "Fix typos for custom requirements config options descriptions\n\nThis simply corrects some types for the custom requirements-related\nconfig options\u0027 descriptions.\n\nChange-Id: Ibcf4ef0895b365ad75a6714a9a9ec6445037422d\n"
    },
    {
      "commit": "739041fb9c0018326baa55098e6d1a381e08c87c",
      "tree": "04a63d0e9fb34277f977db98a3a209078ec20bd4",
      "parents": [
        "58515edc32a704503155b18d5904c6d96261b3d0"
      ],
      "author": {
        "name": "Felipe Monteiro",
        "email": "felipe.monteiro@att.com",
        "time": "Sun Mar 25 00:24:03 2018 -0400"
      },
      "committer": {
        "name": "Felipe Monteiro",
        "email": "felipe.monteiro@att.com",
        "time": "Sat May 19 16:24:33 2018 +0100"
      },
      "message": "feature flag: Policy feature enabled config group\n\nA new configuration group ``[policy_feature_enabled]`` has been added to\nPatrole which will be responsible for collecting the feature flags to be\nused for newly introduced policies or policies that were changed in a\nbackwards-incompatible way.\n\n    * create_port_fixed_ips_ip_address_policy (Neutron)\n    * update_port_fixed_ips_ip_address_policy (Neutron)\n    * limits_extension_used_limits_policy (Cinder)\n    * volume_extension_volume_actions_attach_policy (Cinder)\n    * volume_extension_volume_actions_reserve_policy (Cinder)\n    * volume_extension_volume_actions_unreserve_policy (Cinder)\n\nThese feature flags will be supported until Pike release cycle\nis EOL.\n\nThe motivation behind these feature flags is [0] which adds\nPike/Queens gating to Patrole. However, in Queens, Neutron\nand Cinder renamed or removed a few policies in a backwards-\nincompatible way. These policies can be reviewed here: [1].\n\nThis PS requires another PS [2] in devstack\u0027s lib/tempest\nbecause Patrole, being a branchless project and hosting the\nPatrole devstack plugin itself, must fall back to Tempest\u0027s\ndevstack script to list out the backwards-incompatible\npolicies in Pike.\n\nA documentation update will also come in a follow up with\ninformation on these feature flags.\n\n[0] I76c4a9b8737bf94f230ab141def652b054120f3b\n[1] e.g. http://logs.openstack.org/51/547851/4/check/patrole-member-pike/139c534/job-output.txt.gz#_2018-03-22_21_46_08_392229\n[2] I00bdeff9474c54d38b6d6844a041b305bec01ad8\n\nChange-Id: Ia0d9847908a8e723446c16465d68cd7f622c04cc\n"
    },
    {
      "commit": "4ef7e5309c61583fb2a6e48777188aff06620227",
      "tree": "0a3c947eabf100b82d2b797c4187891efa287ef0",
      "parents": [
        "f1c6757160d89c7115fda36383f2c3846544d04e"
      ],
      "author": {
        "name": "Felipe Monteiro",
        "email": "felipe.monteiro@att.com",
        "time": "Sun Mar 11 07:17:11 2018 -0400"
      },
      "committer": {
        "name": "Felipe Monteiro",
        "email": "felipe.monteiro@att.com",
        "time": "Mon Mar 26 19:44:15 2018 +0100"
      },
      "message": "Remove already-deprecated strict_policy_check option\n\nThe option ``[patrole].strict_policy_check`` was deprecated\nduring the last release cycle (Queens). This was because the\noption could be set to False in order to skip tests which\nmight result in false positives.\n\nThis PS, then, removes strict_policy_check references in the code,\nupdates documentation, and adds a releasenote.\n\nChange-Id: I7f7eda39c0472bd3d70892c801fc4d14db0c0426\n"
    },
    {
      "commit": "b58c1197e9cbedb0713ea2342e8710d9869a1362",
      "tree": "065b7cb38206f89237925f1056c2d6a65ef02c15",
      "parents": [
        "feec999bde210930fe1e8b16bbc60c093927c608"
      ],
      "author": {
        "name": "Felipe Monteiro",
        "email": "felipe.monteiro@att.com",
        "time": "Mon Nov 20 01:50:24 2017 +0000"
      },
      "committer": {
        "name": "Felipe Monteiro",
        "email": "felipe.monteiro@att.com",
        "time": "Mon Nov 27 04:58:28 2017 +0000"
      },
      "message": "Remove deprecrated [rbac] config group\n\nThis PS removes the deprecated [rbac] config group. It was replaced\nlast release cycle with the [patrole] config group, which has\nthe exact same options. This is because [patrole] is more user-friendly\nand congruent with the project name.\n\nChange-Id: Id1a7af0445bd50f44ddcc4277f952391968726b8\n"
    },
    {
      "commit": "098a8cd057a104499bdac26140fc25f8e08e6452",
      "tree": "b316ab179b9ebe77ea14014b9febf8ed99ba8fcf",
      "parents": [
        "bb3c257f77e52bf9da2f0822d40a2a716275bd8f"
      ],
      "author": {
        "name": "Felipe Monteiro",
        "email": "felipe.monteiro@att.com",
        "time": "Wed Sep 20 21:31:27 2017 +0100"
      },
      "committer": {
        "name": "Felipe Monteiro",
        "email": "felipe.monteiro@att.com",
        "time": "Wed Oct 04 01:17:13 2017 +0000"
      },
      "message": "Auto-generate sample config file\n\nThis PS auto-generates the sample config file using\noslo-config-generator which is how every project should reliably\nproduce a config file.\n\nIn addition, the Patrole documentation was updated to link to the\ngenerated config file, so that the documentation accurately\nshows config options.\n\nChange-Id: Ib3c39084b4c2b5a0078d1293d882cf9a9050b29b\nCloses-Bug: #1709490\n"
    }
  ]
}