def setUp(self):
super(InstanceUsageAuditLogPolicyTest, self).setUp()
self.controller = iual.InstanceUsageAuditLogController()
self.req = fakes.HTTPRequest.blank('')
self.controller.host_api.task_log_get_all = mock.MagicMock()
self.controller.host_api.service_get_all = mock.MagicMock()
# Check that admin is able to get instance usage audit log.
# NOTE(gmann): Until old default rule which is admin_api is
# deprecated and not removed, project admin and legacy admin
# will be able to get instance usage audit log. This make sure
# that existing tokens will keep working even we have changed
# this policy defaults to reader role.
self.reader_authorized_contexts = [
self.legacy_admin_context, self.system_admin_context,
self.project_admin_context, self.system_member_context,
self.system_reader_context
]
# Check that non-admin is not able to get instance usage audit log.
self.reader_unauthorized_contexts = [
self.system_foo_context, self.project_member_context,
self.other_project_member_context,
self.other_project_reader_context, self.project_foo_context,
self.project_reader_context
]
def setUp(self):
super(InstanceUsageAuditLogPolicyTest, self).setUp()
self.controller = iual.InstanceUsageAuditLogController()
self.req = fakes.HTTPRequest.blank('')
self.controller.host_api.task_log_get_all = mock.MagicMock()
self.controller.host_api.service_get_all = mock.MagicMock()
# With legacy rule, all admin_api will be able to get instance usage
# audit log.
self.admin_authorized_contexts = [
self.legacy_admin_context, self.system_admin_context,
self.project_admin_context
]
def setUp(self):
super(InstanceUsageAuditPolicyEnforcementV21, self).setUp()
self.controller = v21_ial.InstanceUsageAuditLogController()
self.req = fakes.HTTPRequest.blank('')
def _set_up_controller(self):
self.controller = v21_ial.InstanceUsageAuditLogController()