Reset the policy after loading extensions

The loading of extensions might impact how rules are interpreted in the
policies; for instance, the external-net extension specifies how to
convert the router:external field of a network (to a boolean). So we
need to make sure that the policy is recreated afterwards.

We also need to fix a unit test that assumes that the policy is loaded.

Change-Id: Ifde13323b1435fc84c6cb24ab6a71de5d67f6b9f
Closes-Bug: #1280738

neutron/api/extensions.py

@@ -32,6 +32,7 @@ from neutron.common import exceptions
 import neutron.extensions
 from neutron.manager import NeutronManager
 from neutron.openstack.common import log as logging
+from neutron import policy
 from neutron import wsgi
 
 
@@ -401,6 +402,7 @@ class ExtensionManager(object):
         self.path = path
         self.extensions = {}
         self._load_all_extensions()
+        policy.reset()
 
     def get_resources(self):
         """Returns a list of ResourceExtension objects."""

neutron/tests/unit/test_api_v2.py

@@ -36,6 +36,7 @@ from neutron.manager import NeutronManager
 from neutron.openstack.common.notifier import api as notifer_api
 from neutron.openstack.common import policy as common_policy
 from neutron.openstack.common import uuidutils
+from neutron import policy
 from neutron import quota
 from neutron.tests import base
 from neutron.tests.unit import testlib_api
@@ -1060,6 +1061,7 @@ class JSONV2TestCase(APIv2TestBase, testlib_api.WebTestCase):
     def test_get_keystone_strip_admin_only_attribute(self):
         tenant_id = _uuid()
         # Inject rule in policy engine
+        policy.init()
         common_policy._rules['get_network:name'] = common_policy.parse_rule(
             "rule:admin_only")
         res = self._test_get(tenant_id, tenant_id, 200)