def test_standardpolicy(self):
target_good = {
'user_id': self.context.user_id,
'project_id': self.context.project_id
}
target_wrong = {
'user_id': self.context.user_id,
'project_id': 'bad_project'
}
action = "blazar:leases"
self.assertTrue(policy.enforce(self.context, action, target_good))
self.assertFalse(
policy.enforce(self.context, action, target_wrong, False))
def get_leases(self):
"""List all existing leases."""
ctx = context.current()
if policy.enforce(ctx, 'admin', {}, do_raise=False):
project_id = None
else:
project_id = ctx.project_id
return self.manager_rpcapi.list_leases(project_id=project_id)
def test_elevatedpolicy(self):
target = {
'user_id': self.context.user_id,
'project_id': self.context.project_id
}
action = "blazar:oshosts"
self.assertRaises(exceptions.PolicyNotAuthorized, policy.enforce,
self.context, action, target)
elevated_context = self.context.elevated()
self.assertTrue(policy.enforce(elevated_context, action, target))