Add Glance policy tests
Registered by
Yaniv Kaul
Glance supports granular permission that is specified by a policy file.
See http://
Tempest should configure the policy file to some non-default policy and test permissions.
Example:
Edit /etc/glance/
{
"default": [],
"add_image": ["role:admin"],
"modify_image": ["role:admin"],
"delete_image": ["role:admin"]
}
1. upload an image using a non-admin and a non-superuser role
2. Try to delete using 'glance image-delete' it with a user which is not in an admin role.
Non-admin fails with HTTP403, admin succeeds
Blueprint information
- Status:
- Complete
- Approver:
- None
- Priority:
- Undefined
- Drafter:
- None
- Direction:
- Needs approval
- Assignee:
- Attila Fazekas
- Definition:
- Superseded
- Series goal:
- None
- Implementation:
- Unknown
- Milestone target:
- None
- Started by
- Completed by
- Giulio Fidente
Related branches
Related bugs
Sprints
Whiteboard
For new API tests please use: https:/
(?)