)]}'
{"/COMMIT_MSG":[{"author":{"_account_id":21129,"name":"Alan Bishop","email":"abishopsweng@gmail.com","username":"ASBishop","status":"ex Red Hat"},"change_message_id":"36a99a58f4ccf5105da4cc4b8db6e72f252d46b5","unresolved":true,"context_lines":[{"line_number":4,"context_line":"Commit:     Alan Bishop \u003cabishop@redhat.com\u003e"},{"line_number":5,"context_line":"CommitDate: 2021-09-07 06:14:46 -0700"},{"line_number":6,"context_line":""},{"line_number":7,"context_line":"WIP: Implement Xena project personas for volume types"},{"line_number":8,"context_line":""},{"line_number":9,"context_line":"Implements the 3 Xena personas (no system scope).  Also:"},{"line_number":10,"context_line":"- introduces new policies for volume-type create, update, and delete"}],"source_content_type":"text/x-gerrit-commit-message","patch_set":8,"id":"eb542f0a_2ea96c32","line":7,"range":{"start_line":7,"start_character":0,"end_line":7,"end_character":3},"updated":"2021-09-07 18:25:31.000000000","message":"Removing the WIP would help identify this patch as one that is targeted for Xena","commit_id":"952259b5b0c28f96a31df7ab9d6f7562995f38e7"}],"cinder/policies/base.py":[{"author":{"_account_id":22348,"name":"Zuul","username":"zuul","tags":["SERVICE_USER"]},"tag":"autogenerated:zuul:check","change_message_id":"7c9e7c603591c8699aeff27db797670edbcc0645","unresolved":false,"context_lines":[{"line_number":28,"context_line":""},{"line_number":29,"context_line":"SYSTEM_OR_DOMAIN_OR_PROJECT_ADMIN \u003d \u0027rule:system_or_domain_or_project_admin\u0027"},{"line_number":30,"context_line":"SYSTEM_OR_PROJECT_ADMIN \u003d \u0027(\u0027 + SYSTEM_ADMIN + \u0027) or (\u0027 + PROJECT_ADMIN + \u0027)\u0027"},{"line_number":31,"context_line":"SYSTEM_OR_PROJECT_MEMBER \u003d \u0027(\u0027 + SYSTEM_MEMBER + \u0027) or (\u0027 + PROJECT_MEMBER + \u0027)\u0027"},{"line_number":32,"context_line":"SYSTEM_OR_PROJECT_READER \u003d \u0027(\u0027 + SYSTEM_READER + \u0027) or (\u0027 + PROJECT_READER + \u0027)\u0027"},{"line_number":33,"context_line":""},{"line_number":34,"context_line":"rules \u003d ["}],"source_content_type":"text/x-python","patch_set":1,"id":"1f621f24_e6e5630c","line":31,"updated":"2020-10-28 21:14:27.000000000","message":"pep8: E501 line too long (80 \u003e 79 characters)","commit_id":"88df994543951a767597e3e58e6ca3d28b46a9f4"},{"author":{"_account_id":22348,"name":"Zuul","username":"zuul","tags":["SERVICE_USER"]},"tag":"autogenerated:zuul:check","change_message_id":"7c9e7c603591c8699aeff27db797670edbcc0645","unresolved":false,"context_lines":[{"line_number":29,"context_line":"SYSTEM_OR_DOMAIN_OR_PROJECT_ADMIN \u003d \u0027rule:system_or_domain_or_project_admin\u0027"},{"line_number":30,"context_line":"SYSTEM_OR_PROJECT_ADMIN \u003d \u0027(\u0027 + SYSTEM_ADMIN + \u0027) or (\u0027 + PROJECT_ADMIN + \u0027)\u0027"},{"line_number":31,"context_line":"SYSTEM_OR_PROJECT_MEMBER \u003d \u0027(\u0027 + SYSTEM_MEMBER + \u0027) or (\u0027 + PROJECT_MEMBER + \u0027)\u0027"},{"line_number":32,"context_line":"SYSTEM_OR_PROJECT_READER \u003d \u0027(\u0027 + SYSTEM_READER + \u0027) or (\u0027 + PROJECT_READER + \u0027)\u0027"},{"line_number":33,"context_line":""},{"line_number":34,"context_line":"rules \u003d ["},{"line_number":35,"context_line":"    policy.RuleDefault(\u0027context_is_admin\u0027, \u0027role:admin\u0027,"}],"source_content_type":"text/x-python","patch_set":1,"id":"1f621f24_c6e2e701","line":32,"updated":"2020-10-28 21:14:27.000000000","message":"pep8: E501 line too long (80 \u003e 79 characters)","commit_id":"88df994543951a767597e3e58e6ca3d28b46a9f4"}],"cinder/policies/volume_type.py":[{"author":{"_account_id":5046,"name":"Lance Bragstad","email":"lbragstad@redhat.com","username":"ldbragst"},"change_message_id":"b1a372f922364fe199e44aca8501cda5d1e7da6f","unresolved":false,"context_lines":[{"line_number":61,"context_line":"        ]),"},{"line_number":62,"context_line":"    policy.DocumentedRuleDefault("},{"line_number":63,"context_line":"        name\u003dGET_ALL_POLICY,"},{"line_number":64,"context_line":"        check_str\u003d\"\","},{"line_number":65,"context_line":"        description\u003d\"List volume types.\","},{"line_number":66,"context_line":"        operations\u003d["},{"line_number":67,"context_line":"            {"}],"source_content_type":"text/x-python","patch_set":1,"id":"1f621f24_90882520","side":"PARENT","line":64,"range":{"start_line":64,"start_character":17,"end_line":64,"end_character":21},"updated":"2020-10-28 19:07:42.000000000","message":"This was previously unprotected. Did anyone have the ability to get any volume type?\n\nI wrote these new policies thinking that system users could get any volume type. Project users would only be able to get the volume type associated to their projects, though.","commit_id":"4ba759d0ba14715bd4f461e25dbf7eec1df73aa1"},{"author":{"_account_id":5046,"name":"Lance Bragstad","email":"lbragstad@redhat.com","username":"ldbragst"},"change_message_id":"b1a372f922364fe199e44aca8501cda5d1e7da6f","unresolved":false,"context_lines":[{"line_number":102,"context_line":"        ]),"},{"line_number":103,"context_line":"    policy.DocumentedRuleDefault("},{"line_number":104,"context_line":"        name\u003dCREATE_ENCRYPTION_POLICY,"},{"line_number":105,"context_line":"        check_str\u003dENCRYPTION_BASE_POLICY_RULE,"},{"line_number":106,"context_line":"        description\u003d\"Create volume type encryption.\","},{"line_number":107,"context_line":"        operations\u003d["},{"line_number":108,"context_line":"            {"}],"source_content_type":"text/x-python","patch_set":1,"id":"1f621f24_d09e1d53","side":"PARENT","line":105,"range":{"start_line":105,"start_character":18,"end_line":105,"end_character":45},"updated":"2020-10-28 19:07:42.000000000","message":"I\u0027m not sure I understand the original rule here?","commit_id":"4ba759d0ba14715bd4f461e25dbf7eec1df73aa1"},{"author":{"_account_id":5046,"name":"Lance Bragstad","email":"lbragstad@redhat.com","username":"ldbragst"},"change_message_id":"b1a372f922364fe199e44aca8501cda5d1e7da6f","unresolved":false,"context_lines":[{"line_number":80,"context_line":"volume_type_policies \u003d ["},{"line_number":81,"context_line":"    policy.DocumentedRuleDefault("},{"line_number":82,"context_line":"        name\u003dMANAGE_POLICY,"},{"line_number":83,"context_line":"        check_str\u003dbase.SYSTEM_ADMIN,"},{"line_number":84,"context_line":"        scope_types\u003d[\u0027system\u0027],"},{"line_number":85,"context_line":"        description\u003d\"Create, update and delete volume type.\","},{"line_number":86,"context_line":"        operations\u003d["}],"source_content_type":"text/x-python","patch_set":1,"id":"1f621f24_b0aa8182","line":83,"range":{"start_line":83,"start_character":23,"end_line":83,"end_character":35},"updated":"2020-10-28 19:07:42.000000000","message":"Should we open this up to project administrators? What about domain users?","commit_id":"88df994543951a767597e3e58e6ca3d28b46a9f4"},{"author":{"_account_id":5046,"name":"Lance Bragstad","email":"lbragstad@redhat.com","username":"ldbragst"},"change_message_id":"b1a372f922364fe199e44aca8501cda5d1e7da6f","unresolved":false,"context_lines":[{"line_number":85,"context_line":"        description\u003d\"Create, update and delete volume type.\","},{"line_number":86,"context_line":"        operations\u003d["},{"line_number":87,"context_line":"            {"},{"line_number":88,"context_line":"                \u0027method\u0027: \u0027POST\u0027,"},{"line_number":89,"context_line":"                \u0027path\u0027: \u0027/types\u0027"},{"line_number":90,"context_line":"            },"},{"line_number":91,"context_line":"            {"},{"line_number":92,"context_line":"                \u0027method\u0027: \u0027PUT\u0027,"},{"line_number":93,"context_line":"                \u0027path\u0027: \u0027/types\u0027"},{"line_number":94,"context_line":"            },"},{"line_number":95,"context_line":"            {"},{"line_number":96,"context_line":"                \u0027method\u0027: \u0027DELETE\u0027,"},{"line_number":97,"context_line":"                \u0027path\u0027: \u0027/types\u0027"},{"line_number":98,"context_line":"            }"},{"line_number":99,"context_line":"        ],"},{"line_number":100,"context_line":"        deprecated_rule\u003ddeprecated_manage_types,"}],"source_content_type":"text/x-python","patch_set":1,"id":"1f621f24_d090dd51","line":97,"range":{"start_line":88,"start_character":0,"end_line":97,"end_character":32},"updated":"2020-10-28 19:07:42.000000000","message":"Do we want to evetually write separate policies for these so that they\u0027re more granular?","commit_id":"88df994543951a767597e3e58e6ca3d28b46a9f4"},{"author":{"_account_id":5046,"name":"Lance Bragstad","email":"lbragstad@redhat.com","username":"ldbragst"},"change_message_id":"b1a372f922364fe199e44aca8501cda5d1e7da6f","unresolved":false,"context_lines":[{"line_number":133,"context_line":"    ),"},{"line_number":134,"context_line":"    policy.DocumentedRuleDefault("},{"line_number":135,"context_line":"        name\u003dENCRYPTION_POLICY,"},{"line_number":136,"context_line":"        check_str\u003dbase.SYSTEM_ADMIN,"},{"line_number":137,"context_line":"        scope_types\u003d[\u0027system\u0027],"},{"line_number":138,"context_line":"        description\u003d\"Base policy for all volume type encryption type \""},{"line_number":139,"context_line":"                    \"operations.  This can be used to set the policies \""}],"source_content_type":"text/x-python","patch_set":1,"id":"1f621f24_3077913d","line":136,"range":{"start_line":136,"start_character":23,"end_line":136,"end_character":35},"updated":"2020-10-28 19:07:42.000000000","message":"Should this functionality be exposed only to system admins or should it be opened up to system members?","commit_id":"88df994543951a767597e3e58e6ca3d28b46a9f4"},{"author":{"_account_id":5314,"name":"Brian Rosmaita","email":"rosmaita.fossdev@gmail.com","username":"brian-rosmaita"},"change_message_id":"65243364380fc0613c8f26b19ce7be72e38a9120","unresolved":true,"context_lines":[{"line_number":132,"context_line":"        deprecated_since\u003dversionutils.deprecated.WALLABY"},{"line_number":133,"context_line":"    ),"},{"line_number":134,"context_line":"    policy.DocumentedRuleDefault("},{"line_number":135,"context_line":"        name\u003dENCRYPTION_POLICY,"},{"line_number":136,"context_line":"        check_str\u003dbase.SYSTEM_ADMIN,"},{"line_number":137,"context_line":"        scope_types\u003d[\u0027system\u0027],"},{"line_number":138,"context_line":"        description\u003d\"Base policy for all volume type encryption type \""}],"source_content_type":"text/x-python","patch_set":2,"id":"7a7ddcca_0c8a8837","line":135,"updated":"2021-01-12 00:53:39.000000000","message":"We need to talk about what to do with this one.","commit_id":"d014b87fa8cf0c6c9862f80deace9509db2cd892"},{"author":{"_account_id":5314,"name":"Brian Rosmaita","email":"rosmaita.fossdev@gmail.com","username":"brian-rosmaita"},"change_message_id":"65243364380fc0613c8f26b19ce7be72e38a9120","unresolved":true,"context_lines":[{"line_number":169,"context_line":"    ),"},{"line_number":170,"context_line":"    policy.DocumentedRuleDefault("},{"line_number":171,"context_line":"        name\u003dCREATE_ENCRYPTION_POLICY,"},{"line_number":172,"context_line":"        check_str\u003dbase.SYSTEM_OR_PROJECT_ADMIN,"},{"line_number":173,"context_line":"        scope_types\u003d[\u0027system\u0027, \u0027project\u0027],"},{"line_number":174,"context_line":"        description\u003d\"Create volume type encryption.\","},{"line_number":175,"context_line":"        operations\u003d["},{"line_number":176,"context_line":"            {"}],"source_content_type":"text/x-python","patch_set":2,"id":"cc7f2098_858090b8","line":173,"range":{"start_line":172,"start_character":0,"end_line":173,"end_character":42},"updated":"2021-01-12 00:53:39.000000000","message":"This should be\n\n  check_str\u003dbase.SYSTEM_ADMIN,\n  scope_types\u003d[\u0027system\u0027],\n\n(Just so you know what\u0027s going on here:  the \"regular\" volume-type-show response will indicate whether a volume-type is \"encrypted\" or not.  This policy governs display of the details of the encryption-specs, which could be backend-specific info that we don\u0027t want to expose to non-system-scoped users.)","commit_id":"d014b87fa8cf0c6c9862f80deace9509db2cd892"},{"author":{"_account_id":5314,"name":"Brian Rosmaita","email":"rosmaita.fossdev@gmail.com","username":"brian-rosmaita"},"change_message_id":"65243364380fc0613c8f26b19ce7be72e38a9120","unresolved":true,"context_lines":[{"line_number":185,"context_line":"    policy.DocumentedRuleDefault("},{"line_number":186,"context_line":"        name\u003dGET_ENCRYPTION_POLICY,"},{"line_number":187,"context_line":"        check_str\u003dbase.SYSTEM_OR_PROJECT_READER,"},{"line_number":188,"context_line":"        scope_types\u003d[\u0027system\u0027, \u0027project\u0027],"},{"line_number":189,"context_line":"        description\u003d\"Show a volume type\u0027s encryption type, \""},{"line_number":190,"context_line":"                    \"show an encryption specs item.\","},{"line_number":191,"context_line":"        operations\u003d["}],"source_content_type":"text/x-python","patch_set":2,"id":"c750dd36_8d634fbe","line":188,"updated":"2021-01-12 00:53:39.000000000","message":"This should be\n\n  check_str\u003dbase.SYSTEM_ADMIN,\n  scope_types\u003d[\u0027system\u0027],","commit_id":"d014b87fa8cf0c6c9862f80deace9509db2cd892"},{"author":{"_account_id":5046,"name":"Lance Bragstad","email":"lbragstad@redhat.com","username":"ldbragst"},"change_message_id":"750526e040bcb0aa0f0a8ec81ea375770ec2cf90","unresolved":false,"context_lines":[{"line_number":185,"context_line":"    policy.DocumentedRuleDefault("},{"line_number":186,"context_line":"        name\u003dGET_ENCRYPTION_POLICY,"},{"line_number":187,"context_line":"        check_str\u003dbase.SYSTEM_OR_PROJECT_READER,"},{"line_number":188,"context_line":"        scope_types\u003d[\u0027system\u0027, \u0027project\u0027],"},{"line_number":189,"context_line":"        description\u003d\"Show a volume type\u0027s encryption type, \""},{"line_number":190,"context_line":"                    \"show an encryption specs item.\","},{"line_number":191,"context_line":"        operations\u003d["}],"source_content_type":"text/x-python","patch_set":2,"id":"94540696_0b2b62aa","line":188,"in_reply_to":"c750dd36_8d634fbe","updated":"2021-02-17 03:05:53.000000000","message":"Done","commit_id":"d014b87fa8cf0c6c9862f80deace9509db2cd892"},{"author":{"_account_id":5314,"name":"Brian Rosmaita","email":"rosmaita.fossdev@gmail.com","username":"brian-rosmaita"},"change_message_id":"65243364380fc0613c8f26b19ce7be72e38a9120","unresolved":true,"context_lines":[{"line_number":205,"context_line":"    policy.DocumentedRuleDefault("},{"line_number":206,"context_line":"        name\u003dUPDATE_ENCRYPTION_POLICY,"},{"line_number":207,"context_line":"        check_str\u003dbase.SYSTEM_OR_PROJECT_ADMIN,"},{"line_number":208,"context_line":"        scope_types\u003d[\u0027system\u0027, \u0027project\u0027],"},{"line_number":209,"context_line":"        description\u003d\"Update volume type encryption.\","},{"line_number":210,"context_line":"        operations\u003d["},{"line_number":211,"context_line":"            {"}],"source_content_type":"text/x-python","patch_set":2,"id":"c1f7438f_8f441e21","line":208,"updated":"2021-01-12 00:53:39.000000000","message":"This should be\n\n  check_str\u003dbase.SYSTEM_ADMIN,\n  scope_types\u003d[\u0027system\u0027],","commit_id":"d014b87fa8cf0c6c9862f80deace9509db2cd892"},{"author":{"_account_id":5046,"name":"Lance Bragstad","email":"lbragstad@redhat.com","username":"ldbragst"},"change_message_id":"750526e040bcb0aa0f0a8ec81ea375770ec2cf90","unresolved":false,"context_lines":[{"line_number":205,"context_line":"    policy.DocumentedRuleDefault("},{"line_number":206,"context_line":"        name\u003dUPDATE_ENCRYPTION_POLICY,"},{"line_number":207,"context_line":"        check_str\u003dbase.SYSTEM_OR_PROJECT_ADMIN,"},{"line_number":208,"context_line":"        scope_types\u003d[\u0027system\u0027, \u0027project\u0027],"},{"line_number":209,"context_line":"        description\u003d\"Update volume type encryption.\","},{"line_number":210,"context_line":"        operations\u003d["},{"line_number":211,"context_line":"            {"}],"source_content_type":"text/x-python","patch_set":2,"id":"f4822423_5d42be2c","line":208,"in_reply_to":"c1f7438f_8f441e21","updated":"2021-02-17 03:05:53.000000000","message":"Done","commit_id":"d014b87fa8cf0c6c9862f80deace9509db2cd892"},{"author":{"_account_id":5314,"name":"Brian Rosmaita","email":"rosmaita.fossdev@gmail.com","username":"brian-rosmaita"},"change_message_id":"65243364380fc0613c8f26b19ce7be72e38a9120","unresolved":true,"context_lines":[{"line_number":220,"context_line":"    policy.DocumentedRuleDefault("},{"line_number":221,"context_line":"        name\u003dDELETE_ENCRYPTION_POLICY,"},{"line_number":222,"context_line":"        check_str\u003dbase.SYSTEM_OR_PROJECT_ADMIN,"},{"line_number":223,"context_line":"        scope_types\u003d[\u0027system\u0027, \u0027project\u0027],"},{"line_number":224,"context_line":"        description\u003d\"Delete volume type encryption.\","},{"line_number":225,"context_line":"        operations\u003d["},{"line_number":226,"context_line":"            {"}],"source_content_type":"text/x-python","patch_set":2,"id":"8a25397f_99e745af","line":223,"updated":"2021-01-12 00:53:39.000000000","message":"This should be\n\n  check_str\u003dbase.SYSTEM_ADMIN,\n  scope_types\u003d[\u0027system\u0027],","commit_id":"d014b87fa8cf0c6c9862f80deace9509db2cd892"},{"author":{"_account_id":5046,"name":"Lance Bragstad","email":"lbragstad@redhat.com","username":"ldbragst"},"change_message_id":"750526e040bcb0aa0f0a8ec81ea375770ec2cf90","unresolved":false,"context_lines":[{"line_number":220,"context_line":"    policy.DocumentedRuleDefault("},{"line_number":221,"context_line":"        name\u003dDELETE_ENCRYPTION_POLICY,"},{"line_number":222,"context_line":"        check_str\u003dbase.SYSTEM_OR_PROJECT_ADMIN,"},{"line_number":223,"context_line":"        scope_types\u003d[\u0027system\u0027, \u0027project\u0027],"},{"line_number":224,"context_line":"        description\u003d\"Delete volume type encryption.\","},{"line_number":225,"context_line":"        operations\u003d["},{"line_number":226,"context_line":"            {"}],"source_content_type":"text/x-python","patch_set":2,"id":"670c6408_1606eee2","line":223,"in_reply_to":"8a25397f_99e745af","updated":"2021-02-17 03:05:53.000000000","message":"Done","commit_id":"d014b87fa8cf0c6c9862f80deace9509db2cd892"},{"author":{"_account_id":5046,"name":"Lance Bragstad","email":"lbragstad@redhat.com","username":"ldbragst"},"change_message_id":"34f85fa977debc56692cd48031929f2474c513ce","unresolved":true,"context_lines":[{"line_number":47,"context_line":""},{"line_number":48,"context_line":"volume_type_policies \u003d ["},{"line_number":49,"context_line":"    policy.DocumentedRuleDefault("},{"line_number":50,"context_line":"        name\u003dMANAGE_POLICY,"},{"line_number":51,"context_line":"        check_str\u003dbase.RULE_ADMIN_API,"},{"line_number":52,"context_line":"        scope_types\u003d[\u0027system\u0027, \u0027project\u0027],"},{"line_number":53,"context_line":"        description\u003d\"Create, update and delete volume type.\","}],"source_content_type":"text/x-python","patch_set":3,"id":"39ad2081_66e4bd92","line":50,"updated":"2021-02-17 19:23:37.000000000","message":"We could break this policy into more granular rules, giving operators the ability to separate different sets of writable operations.","commit_id":"cc1053d9adfa0f08b591fba68613dc3409f53de9"},{"author":{"_account_id":5314,"name":"Brian Rosmaita","email":"rosmaita.fossdev@gmail.com","username":"brian-rosmaita"},"change_message_id":"9113eb91f4cc3d0e5083cac68cbf07fcb7d9dab8","unresolved":true,"context_lines":[{"line_number":182,"context_line":"                \u0027path\u0027: \u0027/types\u0027"},{"line_number":183,"context_line":"            }"},{"line_number":184,"context_line":"        ]),"},{"line_number":185,"context_line":"    # TODO: remove in Yoga"},{"line_number":186,"context_line":"    policy.RuleDefault("},{"line_number":187,"context_line":"        name\u003dENCRYPTION_POLICY,"},{"line_number":188,"context_line":"        check_str\u003dbase.RULE_ADMIN_API,"},{"line_number":189,"context_line":"        description\u003d(\u0027DEPRECATED: This rule will be removed in the Yoga \u0027"},{"line_number":190,"context_line":"                     \u0027release.\u0027)"},{"line_number":191,"context_line":"    ),"},{"line_number":192,"context_line":"    policy.DocumentedRuleDefault("},{"line_number":193,"context_line":"        name\u003dCREATE_ENCRYPTION_POLICY,"}],"source_content_type":"text/x-python","patch_set":6,"id":"e810ad56_d40551e0","line":190,"range":{"start_line":185,"start_character":0,"end_line":190,"end_character":32},"updated":"2021-08-30 20:26:43.000000000","message":"This is a weird one.  Looking at the generated sample policy.yaml may help explain why I did it this way: https://paste.opendev.org/show/808414/","commit_id":"7220e5289071873c8b1f00052ab9bf7e23e052be"},{"author":{"_account_id":5046,"name":"Lance Bragstad","email":"lbragstad@redhat.com","username":"ldbragst"},"change_message_id":"f2605a52787274d34e8cfff547d2ca797ae7a66c","unresolved":true,"context_lines":[{"line_number":182,"context_line":"                \u0027path\u0027: \u0027/types\u0027"},{"line_number":183,"context_line":"            }"},{"line_number":184,"context_line":"        ]),"},{"line_number":185,"context_line":"    # TODO: remove in Yoga"},{"line_number":186,"context_line":"    policy.RuleDefault("},{"line_number":187,"context_line":"        name\u003dENCRYPTION_POLICY,"},{"line_number":188,"context_line":"        check_str\u003dbase.RULE_ADMIN_API,"},{"line_number":189,"context_line":"        description\u003d(\u0027DEPRECATED: This rule will be removed in the Yoga \u0027"},{"line_number":190,"context_line":"                     \u0027release.\u0027)"},{"line_number":191,"context_line":"    ),"},{"line_number":192,"context_line":"    policy.DocumentedRuleDefault("},{"line_number":193,"context_line":"        name\u003dCREATE_ENCRYPTION_POLICY,"}],"source_content_type":"text/x-python","patch_set":6,"id":"f61b5cfd_acab4869","line":190,"range":{"start_line":185,"start_character":0,"end_line":190,"end_character":32},"in_reply_to":"e810ad56_d40551e0","updated":"2021-09-03 19:34:19.000000000","message":"You should be able to do something like this:\n\n    policy.DocumentedRuleDefault(\n        name\u003dENCRYPTION_POLICY,\n        check_str\u003dbase.RULE_ADMIN_API,\n        description\u003d\"Base policy for all volume type encryption type \"\n                    \"operations.  This can be used to set the policies \"\n                    \"for a volume type\u0027s encryption type create, show, \"\n                    \"update, and delete actions in one place, or any of \"\n                    \"those may be set individually using the following \"\n                    \"policy targets for finer grained control.\",\n        operations\u003d\u003csnip\u003e\n        deprecated_for_removal\u003dTrue\n    ),\n\nThe RuleDefault object supports a deprecated_for_removal parameter that will output a deprecated message in the sample file. I also think it leaves messages for the operator in the service\u0027s API logs, which this approach won\u0027t do.\n\nhttps://github.com/openstack/oslo.policy/blob/master/oslo_policy/policy.py#L648-L649\nhttps://github.com/openstack/oslo.policy/blob/c7fd9f4fcd43fb78534921530d981634ec516344/oslo_policy/policy.py#L690","commit_id":"7220e5289071873c8b1f00052ab9bf7e23e052be"},{"author":{"_account_id":21129,"name":"Alan Bishop","email":"abishopsweng@gmail.com","username":"ASBishop","status":"ex Red Hat"},"change_message_id":"7b7f2a95ff890d3aa64c4d0b1bcbec59c67fb384","unresolved":true,"context_lines":[{"line_number":52,"context_line":")"},{"line_number":53,"context_line":"deprecated_encryption_create_policy \u003d base.CinderDeprecatedRule("},{"line_number":54,"context_line":"    name\u003dCREATE_ENCRYPTION_POLICY,"},{"line_number":55,"context_line":"    # TODO: change to base.RULE_ADMIN_API in Yoga \u0026 remove dep_reason"},{"line_number":56,"context_line":"    check_str\u003dENCRYPTION_BASE_POLICY_RULE,"},{"line_number":57,"context_line":"    deprecated_reason\u003dGENERAL_ENCRYPTION_POLICY_REASON,"},{"line_number":58,"context_line":")"}],"source_content_type":"text/x-python","patch_set":8,"id":"0dac2a76_84e36462","line":55,"updated":"2021-09-07 18:23:52.000000000","message":"I got clarification from Brian on this comment. It\u0027s to remind us that RULE_ADMIN_API will be deprecated in Y (so the check_str needs to change), but also that the deprecated_reason should be deleted because the base class will provide the reason in Y.","commit_id":"952259b5b0c28f96a31df7ab9d6f7562995f38e7"}],"cinder/tests/unit/policies/test_volume_type.py":[{"author":{"_account_id":27615,"name":"Rajat Dhasmana","email":"rajatdhasmana@gmail.com","username":"whoami-rajat"},"change_message_id":"486f71da96b0be4c3fca4c4a8e8e5271600cc0c6","unresolved":true,"context_lines":[{"line_number":28,"context_line":""},{"line_number":29,"context_line":""},{"line_number":30,"context_line":"@ddt.ddt"},{"line_number":31,"context_line":"class VolumeTypePolicyTest(base.BasePolicyTest):"},{"line_number":32,"context_line":"    \"\"\"Verify default policy settings for the types API\"\"\""},{"line_number":33,"context_line":""},{"line_number":34,"context_line":"    # legacy: everyone can make these calls"}],"source_content_type":"text/x-python","patch_set":9,"id":"87317567_59bb5049","line":31,"updated":"2021-09-13 17:43:25.000000000","message":"Since we are introducing new policies as replacement for manage, would\u0027ve been a good case to include the admin test cases here but this is also good enough to get in.","commit_id":"9843ac3bb3d208a9eeeef999e20c3e85bf509e01"},{"author":{"_account_id":20813,"name":"Sofia Enriquez","email":"lsofia.enriquez@gmail.com","username":"enriquetaso"},"change_message_id":"d89ee3c5c8f2212ffcd14cc4780643495c7a3911","unresolved":true,"context_lines":[{"line_number":77,"context_line":"    def test_type_get_policy(self, user_id):"},{"line_number":78,"context_line":"        rule_name \u003d type_policy.GET_POLICY"},{"line_number":79,"context_line":"        # the default type is guaranteed to exist"},{"line_number":80,"context_line":"        url \u003d self.api_path + \u0027/default\u0027"},{"line_number":81,"context_line":"        req \u003d fake_api.HTTPRequest.blank(url, version\u003dself.api_version)"},{"line_number":82,"context_line":"        self.common_policy_check(user_id,"},{"line_number":83,"context_line":"                                 self.authorized_readers,"}],"source_content_type":"text/x-python","patch_set":9,"id":"db29a1f5_6270ccde","line":80,"updated":"2021-09-13 15:11:04.000000000","message":"OK, the default type is guaranteed to exist but shouldn\u0027t the url be `/types/{type_id}` anyway?","commit_id":"9843ac3bb3d208a9eeeef999e20c3e85bf509e01"},{"author":{"_account_id":5314,"name":"Brian Rosmaita","email":"rosmaita.fossdev@gmail.com","username":"brian-rosmaita"},"change_message_id":"cbb4ed39f892a2b4e1128e8a4b446d35cf7e8ad3","unresolved":true,"context_lines":[{"line_number":77,"context_line":"    def test_type_get_policy(self, user_id):"},{"line_number":78,"context_line":"        rule_name \u003d type_policy.GET_POLICY"},{"line_number":79,"context_line":"        # the default type is guaranteed to exist"},{"line_number":80,"context_line":"        url \u003d self.api_path + \u0027/default\u0027"},{"line_number":81,"context_line":"        req \u003d fake_api.HTTPRequest.blank(url, version\u003dself.api_version)"},{"line_number":82,"context_line":"        self.common_policy_check(user_id,"},{"line_number":83,"context_line":"                                 self.authorized_readers,"}],"source_content_type":"text/x-python","patch_set":9,"id":"35a5940a_2feabde4","line":80,"in_reply_to":"db29a1f5_6270ccde","updated":"2021-09-13 15:22:45.000000000","message":"\u0027/v3/{project_id}/types/default\u0027 is a legal URL, and it\u0027s handled by the \"regular\" type show controller:\nhttps://opendev.org/openstack/cinder/src/commit/4b3a5cc622a78cdffcd64b051052ef59bf59c2cd/cinder/api/v3/types.py#L55\n\n(so I\u0027m only cheating a little bit :) )","commit_id":"9843ac3bb3d208a9eeeef999e20c3e85bf509e01"}]}