def setUp(self):
super(PolicyTestCase, self).setUp()
policy.reset()
# NOTE(vish): preload rules to circumvent reloading from file
policy.init()
rules = {
"true": [],
"example:allowed": [],
"example:denied": [["false:false"]],
"example:get_http": [["http:http://www.example.com"]],
"example:my_file": [["role:compute_admin"],
["project_id:%(project_id)s"]],
"example:early_and_fail": [["false:false", "rule:true"]],
"example:early_or_success": [["rule:true"], ["false:false"]],
"example:sysadmin_allowed": [["role:admin"], ["role:sysadmin"]],
}
# NOTE(vish): then overload underlying brain
common_policy.set_brain(common_policy.HttpBrain(rules))
self.context = context.RequestContext('fake', 'fake', roles=['member'])
self.admin_context = context.RequestContext('admin',
'fake',
roles=['admin'],
is_admin=True)
self.target = {}
def _set_brain(data):
policy.set_brain(policy.HttpBrain.load_json(data))