Invalid policy actions should result in skipException being thrown

Registered by Felipe Monteiro

Currently, if an invalid policy action is passed to the rbac_rule_validation.action decorator, then rbac_policy_parser.RbacPolicyParser.allowed returns False, rbac_auth.RbacAuthority.get_permission passes that False on, and it ends up as the value of allowed in rbac_rule_validation. At this point, if the test passes, then an OverPermission error is thrown, which is nonsensical. If the test fails, then the test will silently pass. This is very bad.

Instead, the Patrole framework should be changed to throw a skipException if the policy action that is passed to the decorator is invalid, with a detailed error message explaining what happened. A skipException should be thrown for the sake of backwards compatibility: policy actions change all the time, so they are not backwards compatible. Failing the test in a previous version of, say, Nova, will make adopting Patrole for testing in earlier OS releases more challenging, because failures might occur constantly when the policy actions don't exist in either the default policy file or a custom policy file.

Also, expecting a failure is not appropriate either, since there is no perfect correlation between the policy action being passed in and the logic inside the test. (For example, it is possible to set the policy action to "foo", then call "nova list" -- the test will probably pass, causing the expected failure to fail.)
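The two outcomes described above, and the proposed skip, can be reproduced with a small model. This is an added example, not Patrole's code: the `action` decorator, the `POLICY` table, the `Forbidden` exception and the `outcome` helper are hypothetical simplifications, and `unittest.SkipTest` stands in for skipException.

```python
import functools
import unittest

# Constructed policy data (action -> roles allowed); not a real Nova policy file.
POLICY = {"os_compute_api:servers:index": {"admin", "member"}}


class Forbidden(Exception):
    """Stand-in for the service rejecting the call."""


class OverPermission(Exception):
    """The call succeeded although policy said the role is denied."""


def action(rule, role, skip_invalid):
    """Hypothetical, simplified model of an RBAC validation decorator."""
    def decorator(test):
        @functools.wraps(test)
        def wrapper():
            if skip_invalid and rule not in POLICY:
                # Proposed behaviour: say why the test cannot be evaluated.
                raise unittest.SkipTest("policy action %r not in policy file" % rule)
            # Old behaviour: an unknown action looks the same as "denied".
            expected = role in POLICY.get(rule, set())
            try:
                test()
            except Forbidden:
                if expected:
                    raise  # role should have been allowed
                return "pass"  # failure treated as the expected denial
            if not expected:
                raise OverPermission(rule)
            return "pass"
        return wrapper
    return decorator


def outcome(rule, skip_invalid, api_forbids, role="member"):
    """Run one decorated test and report how it ends."""
    @action(rule, role, skip_invalid)
    def test():
        if api_forbids:
            raise Forbidden()
    try:
        return test()
    except (unittest.SkipTest, OverPermission, Forbidden) as exc:
        return type(exc).__name__
```

With `skip_invalid=False` the unknown action "foo" yields either a spurious OverPermission or a pass that verified nothing; with `skip_invalid=True` both cases become an explicit skip.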

Blueprint information

Status: Complete
Approver: Samantha Blanco
Priority: Undefined
Drafter: Felipe Monteiro
Direction: Needs approval
Assignee: Felipe Monteiro
Definition: Approved
Series goal: None
Implementation: Implemented
Milestone target: None
Started by: Felipe Monteiro
Completed by: Felipe Monteiro

Whiteboard

Gerrit topic: https://review.openstack.org/#q,topic:skip_invalid_policy_actions,n,z

Addressed by: https://review.openstack.org/445678
    Throw skipException for invalid policy actions.
