From 3a7392af311c250abd2795d76f13cb0048d77e42 Mon Sep 17 00:00:00 2001 From: Vincent Untz Date: Sun, 16 Feb 2014 10:33:44 +0100 Subject: [PATCH] Reset the policy after loading extensions The loading of extensions might impact how rules are interpreted in the policies; for instance, the external-net extension specifies how to convert the router:external field of a network (to a boolean). So we need to make sure that the policy is recreated afterwards. We also need to fix a unit test that assumes that the policy is loaded. Change-Id: Ifde13323b1435fc84c6cb24ab6a71de5d67f6b9f Closes-Bug: #1280738 --- neutron/api/extensions.py | 2 ++ neutron/tests/unit/test_api_v2.py | 2 ++ 2 files changed, 4 insertions(+) diff --git a/neutron/api/extensions.py b/neutron/api/extensions.py index 6b84a0c4f4..f4c1af79e6 100644 --- a/neutron/api/extensions.py +++ b/neutron/api/extensions.py @@ -32,6 +32,7 @@ from neutron.common import exceptions import neutron.extensions from neutron.manager import NeutronManager from neutron.openstack.common import log as logging +from neutron import policy from neutron import wsgi @@ -401,6 +402,7 @@ class ExtensionManager(object): self.path = path self.extensions = {} self._load_all_extensions() + policy.reset() def get_resources(self): """Returns a list of ResourceExtension objects.""" diff --git a/neutron/tests/unit/test_api_v2.py b/neutron/tests/unit/test_api_v2.py index 61e3eb371a..e8a2e7a801 100644 --- a/neutron/tests/unit/test_api_v2.py +++ b/neutron/tests/unit/test_api_v2.py @@ -36,6 +36,7 @@ from neutron.manager import NeutronManager from neutron.openstack.common.notifier import api as notifer_api from neutron.openstack.common import policy as common_policy from neutron.openstack.common import uuidutils +from neutron import policy from neutron import quota from neutron.tests import base from neutron.tests.unit import testlib_api @@ -1060,6 +1061,7 @@ class JSONV2TestCase(APIv2TestBase, testlib_api.WebTestCase): def test_get_keystone_strip_admin_only_attribute(self): tenant_id = _uuid() # Inject rule in policy engine + policy.init() common_policy._rules['get_network:name'] = common_policy.parse_rule( "rule:admin_only") res = self._test_get(tenant_id, tenant_id, 200)