diff options
Diffstat (limited to 'keystone-moon/keystone/tests/unit/test_policy.py')
-rw-r--r-- | keystone-moon/keystone/tests/unit/test_policy.py | 45 |
1 files changed, 44 insertions, 1 deletions
diff --git a/keystone-moon/keystone/tests/unit/test_policy.py b/keystone-moon/keystone/tests/unit/test_policy.py index 2c0c3995..30df0b2b 100644 --- a/keystone-moon/keystone/tests/unit/test_policy.py +++ b/keystone-moon/keystone/tests/unit/test_policy.py @@ -14,6 +14,7 @@ # under the License. import json +import os import mock from oslo_policy import policy as common_policy @@ -223,6 +224,48 @@ class PolicyJsonTestCase(tests.TestCase): cloud_policy_keys = self._load_entries( tests.dirs.etc('policy.v3cloudsample.json')) - diffs = set(policy_keys).difference(set(cloud_policy_keys)) + policy_extra_keys = ['admin_or_token_subject', + 'service_admin_or_token_subject', + 'token_subject', ] + expected_policy_keys = list(cloud_policy_keys) + policy_extra_keys + diffs = set(policy_keys).difference(set(expected_policy_keys)) self.assertThat(diffs, matchers.Equals(set())) + + def test_all_targets_documented(self): + # All the targets in the sample policy file must be documented in + # doc/source/policy_mapping.rst. + + policy_keys = self._load_entries(tests.dirs.etc('policy.json')) + + # These keys are in the policy.json but aren't targets. + policy_rule_keys = [ + 'admin_or_owner', 'admin_or_token_subject', 'admin_required', + 'default', 'owner', 'service_admin_or_token_subject', + 'service_or_admin', 'service_role', 'token_subject', ] + + def read_doc_targets(): + # Parse the doc/source/policy_mapping.rst file and return the + # targets. + + doc_path = os.path.join( + tests.ROOTDIR, 'doc', 'source', 'policy_mapping.rst') + with open(doc_path) as doc_file: + for line in doc_file: + if line.startswith('Target'): + break + for line in doc_file: + # Skip === line + if line.startswith('==='): + break + for line in doc_file: + line = line.rstrip() + if not line or line.startswith(' '): + continue + if line.startswith('=='): + break + target, dummy, dummy = line.partition(' ') + yield six.text_type(target) + + doc_targets = list(read_doc_targets()) + self.assertItemsEqual(policy_keys, doc_targets + policy_rule_keys) |