From 93d322c7c7f5b1043558bf590e8cab50d80ed7fe Mon Sep 17 00:00:00 2001
From: Dai Dang Van <daidv@vn.fujitsu.com>
Date: Thu, 19 Oct 2017 11:40:28 +0700
Subject: [PATCH] Implement policy in code (3)

This commit will move all default policies to code for:
- telemetry:get_alarm_state
- telemetry:change_alarm_state
- telemetry:alarm_history
- telemetry:query_alarm_history

Change-Id: I78f7d723240a50cd9bb56b7a53dad7eb945c0850
Co-authored-By: Hieu LE <hieulq@vn.fujitsu.com>
---
 aodh/api/policies.py | 44 ++++++++++++++++++++++++++++++++++++++++++++
 aodh/api/policy.json |  7 -------
 2 files changed, 44 insertions(+), 7 deletions(-)
 delete mode 100644 aodh/api/policy.json

diff --git a/aodh/api/policies.py b/aodh/api/policies.py
index 28a1b7530..2f11c1476 100644
--- a/aodh/api/policies.py
+++ b/aodh/api/policies.py
@@ -100,6 +100,50 @@ rules = [
                 'method': 'DELETE'
             }
         ]
+    ),
+    policy.DocumentedRuleDefault(
+        name="telemetry:get_alarm_state",
+        check_str=RULE_ADMIN_OR_OWNER,
+        description='Get the state of this alarm.',
+        operations=[
+            {
+                'path': '/v2/alarms/{alarm_id}/state',
+                'method': 'GET'
+            }
+        ]
+    ),
+    policy.DocumentedRuleDefault(
+        name="telemetry:change_alarm_state",
+        check_str=RULE_ADMIN_OR_OWNER,
+        description='Set the state of this alarm.',
+        operations=[
+            {
+                'path': '/v2/alarms/{alarm_id}/state',
+                'method': 'PUT'
+            }
+        ]
+    ),
+    policy.DocumentedRuleDefault(
+        name="telemetry:alarm_history",
+        check_str=RULE_ADMIN_OR_OWNER,
+        description='Assembles the alarm history requested.',
+        operations=[
+            {
+                'path': '/v2/alarms/{alarm_id}/history',
+                'method': 'GET'
+            }
+        ]
+    ),
+    policy.DocumentedRuleDefault(
+        name="telemetry:query_alarm_history",
+        check_str=RULE_ADMIN_OR_OWNER,
+        description='Define query for retrieving AlarmChange data.',
+        operations=[
+            {
+                'path': '/v2/query/alarms/history',
+                'method': 'POST'
+            }
+        ]
     )
 ]
 
diff --git a/aodh/api/policy.json b/aodh/api/policy.json
deleted file mode 100644
index f125cc0d1..000000000
--- a/aodh/api/policy.json
+++ /dev/null
@@ -1,7 +0,0 @@
-{
-    "telemetry:get_alarm_state": "rule:admin_or_owner",
-    "telemetry:change_alarm_state": "rule:admin_or_owner",
-
-    "telemetry:alarm_history": "rule:admin_or_owner",
-    "telemetry:query_alarm_history": "rule:admin_or_owner"
-}