)]}'
{"/PATCHSET_LEVEL":[{"author":{"_account_id":28609,"name":"Arkady Shtempler","email":"ashtempl@redhat.com","username":"ashtempl"},"change_message_id":"79b0f3c3a53d42b78915cdbf775cdcb4a80cee93","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":6,"id":"84b9ecfa_fbf6fd65","updated":"2021-10-11 12:03:33.000000000","message":"It looks like all these methods: \n1) check_create_RBAC_enforcement\n2) check_delete_RBAC_enforcement\n3) check_update_RBAC_enforcement\nare doing the same stuff.\n\nThey are all activating \"_CUD_RBAC_enforcement\"\n\nThe last line for all of them is the same:\nself._CUD_RBAC_enforcement(client_str, method_str, expected_allowed,\n                           *args, **kwargs)\n\n","commit_id":"74df0dc60ff62d7feb9f42fc562fa3b957e57a81"},{"author":{"_account_id":28609,"name":"Arkady Shtempler","email":"ashtempl@redhat.com","username":"ashtempl"},"change_message_id":"66ae837ea7fe802582af7d2dc5f749903324eaab","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":8,"id":"0827877e_f722b72b","updated":"2021-11-24 09:33:50.000000000","message":"recheck","commit_id":"45ee37764e90aa5dcedacb61cdb8c74b652a2eab"},{"author":{"_account_id":31664,"name":"Omer Schwartz","email":"oschwart@redhat.com","username":"oschwart"},"change_message_id":"5ed6e12a901c82d1fc0658edd6d9761f796c0dda","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":12,"id":"ad68c815_98dc5db9","updated":"2022-06-01 12:15:39.000000000","message":"After the last changes, I am not sure if there is a need to separate between enforce scope and enforce new defaults, as there are some lines which use system_{reader,admin} in case enforce_new_defaults are enabled in tempest, but other than that LGTM.","commit_id":"bf2379bb971437e36b983e48b5435aa326bb1926"},{"author":{"_account_id":11628,"name":"Michael Johnson","email":"johnsomor@gmail.com","username":"johnsom"},"change_message_id":"f504b1526409a013470802b4d9b11c93734eb2fb","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":12,"id":"7119e073_a4756392","updated":"2022-06-07 00:40:20.000000000","message":"LGTM","commit_id":"bf2379bb971437e36b983e48b5435aa326bb1926"}],"designate_tempest_plugin/tests/api/v2/test_blacklists.py":[{"author":{"_account_id":28609,"name":"Arkady Shtempler","email":"ashtempl@redhat.com","username":"ashtempl"},"change_message_id":"2ebd64addcf944933d7993cf7178b366197c8935","unresolved":true,"context_lines":[{"line_number":56,"context_line":""},{"line_number":57,"context_line":"        self.assertExpected(blacklist, body, self.excluded_keys)"},{"line_number":58,"context_line":""},{"line_number":59,"context_line":"        if CONF.dns_feature_enabled.enforce_new_defaults:"},{"line_number":60,"context_line":"            expected_allowed \u003d [\u0027os_system_admin\u0027]"},{"line_number":61,"context_line":"        else:"},{"line_number":62,"context_line":"            expected_allowed \u003d [\u0027os_admin\u0027]"},{"line_number":63,"context_line":""},{"line_number":64,"context_line":"        self.check_create_RBAC_enforcement(\u0027BlacklistsClient\u0027,"},{"line_number":65,"context_line":"                                           \u0027create_blacklist\u0027,"}],"source_content_type":"text/x-python","patch_set":6,"id":"0f6be678_d85c06c6","line":62,"range":{"start_line":59,"start_character":0,"end_line":62,"end_character":43},"updated":"2021-10-10 20:04:29.000000000","message":"Maybe we can remove \"else\" by using\nexpected_allowed \u003d [\u0027os_admin\u0027]\nif CONF.dns_feature_enabled.enforce_new_defaults:\n    expected_allowed \u003d [\u0027os_system_admin\u0027]","commit_id":"74df0dc60ff62d7feb9f42fc562fa3b957e57a81"},{"author":{"_account_id":8556,"name":"Ghanshyam Maan","display_name":"Ghanshyam Maan","email":"gmaan.os14@gmail.com","username":"ghanshyam"},"change_message_id":"864af99b8e6a783f9964cbdbeb536182a946dc20","unresolved":true,"context_lines":[{"line_number":59,"context_line":"        if CONF.dns_feature_enabled.enforce_new_defaults:"},{"line_number":60,"context_line":"            expected_allowed \u003d [\u0027os_system_admin\u0027]"},{"line_number":61,"context_line":"        else:"},{"line_number":62,"context_line":"            expected_allowed \u003d [\u0027os_admin\u0027]"},{"line_number":63,"context_line":""},{"line_number":64,"context_line":"        self.check_create_RBAC_enforcement(\u0027BlacklistsClient\u0027,"},{"line_number":65,"context_line":"                                           \u0027create_blacklist\u0027,"}],"source_content_type":"text/x-python","patch_set":6,"id":"8592487a_aa3c8501","line":62,"range":{"start_line":62,"start_character":12,"end_line":62,"end_character":43},"updated":"2021-10-15 15:03:05.000000000","message":"if enforce_new_defaults is false then both legacy admin and system-admin will have access to APIs, so may be you can check the same.\n\n        else:\n            expected_allowed \u003d [\u0027os_admin\u0027, \u0027os_system_admin\u0027]\n\nditto in below places also.","commit_id":"74df0dc60ff62d7feb9f42fc562fa3b957e57a81"},{"author":{"_account_id":28609,"name":"Arkady Shtempler","email":"ashtempl@redhat.com","username":"ashtempl"},"change_message_id":"2ebd64addcf944933d7993cf7178b366197c8935","unresolved":true,"context_lines":[{"line_number":79,"context_line":""},{"line_number":80,"context_line":"        if CONF.dns_feature_enabled.enforce_new_defaults:"},{"line_number":81,"context_line":"            expected_allowed \u003d [\u0027os_system_admin\u0027, \u0027os_system_reader\u0027]"},{"line_number":82,"context_line":"        else:"},{"line_number":83,"context_line":"            expected_allowed \u003d [\u0027os_admin\u0027]"},{"line_number":84,"context_line":""},{"line_number":85,"context_line":"        self.check_show_RBAC_enforcement(\u0027BlacklistsClient\u0027, \u0027show_blacklist\u0027,"},{"line_number":86,"context_line":"                                         expected_allowed, blacklist[\u0027id\u0027])"},{"line_number":87,"context_line":""},{"line_number":88,"context_line":"    @decorators.idempotent_id(\u0027dcea40d9-8d36-43cb-8440-4a842faaef0d\u0027)"},{"line_number":89,"context_line":"    def test_delete_blacklist(self):"}],"source_content_type":"text/x-python","patch_set":6,"id":"be8d98ec_0da63ae7","line":86,"range":{"start_line":82,"start_character":0,"end_line":86,"end_character":75},"updated":"2021-10-10 20:04:29.000000000","message":"The same as in L59-62","commit_id":"74df0dc60ff62d7feb9f42fc562fa3b957e57a81"},{"author":{"_account_id":28609,"name":"Arkady Shtempler","email":"ashtempl@redhat.com","username":"ashtempl"},"change_message_id":"2ebd64addcf944933d7993cf7178b366197c8935","unresolved":true,"context_lines":[{"line_number":97,"context_line":""},{"line_number":98,"context_line":"        # A blacklist delete returns an empty body"},{"line_number":99,"context_line":"        self.assertEqual(body.strip(), b\"\")"},{"line_number":100,"context_line":""},{"line_number":101,"context_line":"        if CONF.dns_feature_enabled.enforce_new_defaults:"},{"line_number":102,"context_line":"            expected_allowed \u003d [\u0027os_system_admin\u0027]"},{"line_number":103,"context_line":"        else:"},{"line_number":104,"context_line":"            expected_allowed \u003d [\u0027os_admin\u0027]"},{"line_number":105,"context_line":""},{"line_number":106,"context_line":"        self.check_delete_RBAC_enforcement(\u0027BlacklistsClient\u0027,"},{"line_number":107,"context_line":"                                           \u0027delete_blacklist\u0027,"}],"source_content_type":"text/x-python","patch_set":6,"id":"7a5cd528_92b23601","line":104,"range":{"start_line":100,"start_character":0,"end_line":104,"end_character":43},"updated":"2021-10-10 20:04:29.000000000","message":"The same as in L59-62","commit_id":"74df0dc60ff62d7feb9f42fc562fa3b957e57a81"},{"author":{"_account_id":28609,"name":"Arkady Shtempler","email":"ashtempl@redhat.com","username":"ashtempl"},"change_message_id":"2ebd64addcf944933d7993cf7178b366197c8935","unresolved":true,"context_lines":[{"line_number":121,"context_line":""},{"line_number":122,"context_line":"        if CONF.dns_feature_enabled.enforce_new_defaults:"},{"line_number":123,"context_line":"            expected_allowed \u003d [\u0027os_system_admin\u0027, \u0027os_system_reader\u0027]"},{"line_number":124,"context_line":"        else:"},{"line_number":125,"context_line":"            expected_allowed \u003d [\u0027os_admin\u0027]"},{"line_number":126,"context_line":""},{"line_number":127,"context_line":"        self.check_list_IDs_RBAC_enforcement("}],"source_content_type":"text/x-python","patch_set":6,"id":"5e8c9661_540ed24d","line":124,"range":{"start_line":124,"start_character":8,"end_line":124,"end_character":12},"updated":"2021-10-10 20:04:29.000000000","message":"The same as in L59-62","commit_id":"74df0dc60ff62d7feb9f42fc562fa3b957e57a81"},{"author":{"_account_id":28609,"name":"Arkady Shtempler","email":"ashtempl@redhat.com","username":"ashtempl"},"change_message_id":"2ebd64addcf944933d7993cf7178b366197c8935","unresolved":true,"context_lines":[{"line_number":149,"context_line":""},{"line_number":150,"context_line":"        if CONF.dns_feature_enabled.enforce_new_defaults:"},{"line_number":151,"context_line":"            expected_allowed \u003d [\u0027os_system_admin\u0027]"},{"line_number":152,"context_line":"        else:"},{"line_number":153,"context_line":"            expected_allowed \u003d [\u0027os_admin\u0027]"},{"line_number":154,"context_line":""},{"line_number":155,"context_line":"        self.check_update_RBAC_enforcement(\u0027BlacklistsClient\u0027,"}],"source_content_type":"text/x-python","patch_set":6,"id":"cb812d43_365f4210","line":152,"range":{"start_line":152,"start_character":8,"end_line":152,"end_character":12},"updated":"2021-10-10 20:04:29.000000000","message":"The same as in L59-62","commit_id":"74df0dc60ff62d7feb9f42fc562fa3b957e57a81"}],"designate_tempest_plugin/tests/base.py":[{"author":{"_account_id":28609,"name":"Arkady Shtempler","email":"ashtempl@redhat.com","username":"ashtempl"},"change_message_id":"2ebd64addcf944933d7993cf7178b366197c8935","unresolved":true,"context_lines":[{"line_number":65,"context_line":"    # rest the actual roles."},{"line_number":66,"context_line":"    # NOTE(kiall) primary will result in a manager @ cls.os_primary, alt will"},{"line_number":67,"context_line":"    # have cls.os_alt, and admin will have cls.os_admin."},{"line_number":68,"context_line":"    # NOTE(johnsom) We will allocate most credentials here so that each test"},{"line_number":69,"context_line":"    # can test for allowed and disallowed RBAC policies."},{"line_number":70,"context_line":"    credentials \u003d [\u0027admin\u0027, \u0027primary\u0027]"},{"line_number":71,"context_line":"    if CONF.dns_feature_enabled.enforce_new_defaults:"}],"source_content_type":"text/x-python","patch_set":6,"id":"c929d315_33fd4ca3","line":68,"range":{"start_line":68,"start_character":37,"end_line":68,"end_character":42},"updated":"2021-10-10 20:04:29.000000000","message":"More credentials?","commit_id":"74df0dc60ff62d7feb9f42fc562fa3b957e57a81"},{"author":{"_account_id":28609,"name":"Arkady Shtempler","email":"ashtempl@redhat.com","username":"ashtempl"},"change_message_id":"2ebd64addcf944933d7993cf7178b366197c8935","unresolved":true,"context_lines":[{"line_number":75,"context_line":"    # \u0027credentials\u0027 list above. These are used to build RBAC test lists."},{"line_number":76,"context_line":"    allocated_creds \u003d []"},{"line_number":77,"context_line":"    for cred in credentials:"},{"line_number":78,"context_line":"        if isinstance(cred, list):"},{"line_number":79,"context_line":"            allocated_creds.append(\u0027os_roles_\u0027 + cred[0])"},{"line_number":80,"context_line":"        else:"},{"line_number":81,"context_line":"            allocated_creds.append(\u0027os_\u0027 + cred)"}],"source_content_type":"text/x-python","patch_set":6,"id":"8db391ae_6ffc5533","line":78,"range":{"start_line":78,"start_character":0,"end_line":78,"end_character":34},"updated":"2021-10-10 20:04:29.000000000","message":"Will just\n\"if cred in credentials\" do the same as \"isinstance(cred, list):\"?","commit_id":"74df0dc60ff62d7feb9f42fc562fa3b957e57a81"},{"author":{"_account_id":5572,"name":"Don Kehn","display_name":"DEKehn","email":"dekehn@gmail.com","username":"dekehn"},"change_message_id":"438aa7220386f606d573f01837cd4d5c8382acce","unresolved":true,"context_lines":[{"line_number":75,"context_line":"    # \u0027credentials\u0027 list above. These are used to build RBAC test lists."},{"line_number":76,"context_line":"    allocated_creds \u003d []"},{"line_number":77,"context_line":"    for cred in credentials:"},{"line_number":78,"context_line":"        if isinstance(cred, list):"},{"line_number":79,"context_line":"            allocated_creds.append(\u0027os_roles_\u0027 + cred[0])"},{"line_number":80,"context_line":"        else:"},{"line_number":81,"context_line":"            allocated_creds.append(\u0027os_\u0027 + cred)"}],"source_content_type":"text/x-python","patch_set":6,"id":"2270ad9e_3c904b74","line":78,"range":{"start_line":78,"start_character":0,"end_line":78,"end_character":34},"in_reply_to":"8db391ae_6ffc5533","updated":"2022-03-03 15:22:30.000000000","message":"Actually no, the way its written if the element retrieved from credentials is a list the if...then...else has to append to the allocated_creds differently. isinstance checks for the type whereas in check for the existence of something in a list. Determining the element\u0027s type is the point here.","commit_id":"74df0dc60ff62d7feb9f42fc562fa3b957e57a81"},{"author":{"_account_id":28609,"name":"Arkady Shtempler","email":"ashtempl@redhat.com","username":"ashtempl"},"change_message_id":"2ebd64addcf944933d7993cf7178b366197c8935","unresolved":true,"context_lines":[{"line_number":75,"context_line":"    # \u0027credentials\u0027 list above. These are used to build RBAC test lists."},{"line_number":76,"context_line":"    allocated_creds \u003d []"},{"line_number":77,"context_line":"    for cred in credentials:"},{"line_number":78,"context_line":"        if isinstance(cred, list):"},{"line_number":79,"context_line":"            allocated_creds.append(\u0027os_roles_\u0027 + cred[0])"},{"line_number":80,"context_line":"        else:"},{"line_number":81,"context_line":"            allocated_creds.append(\u0027os_\u0027 + cred)"},{"line_number":82,"context_line":"    # Tests shall not mess with the list of allocated credentials"},{"line_number":83,"context_line":"    allocated_credentials \u003d tuple(allocated_creds)"},{"line_number":84,"context_line":""}],"source_content_type":"text/x-python","patch_set":6,"id":"267bf314_ea3723a6","line":81,"range":{"start_line":78,"start_character":0,"end_line":81,"end_character":48},"updated":"2021-10-10 20:04:29.000000000","message":"Maybe we can use \"format\" instead of \"+\"?\nAFAIK - \"+\" operator for string is less appreciated in Tempest then \"format\"","commit_id":"74df0dc60ff62d7feb9f42fc562fa3b957e57a81"}]}