)]}'
{"/COMMIT_MSG":[{"author":{"_account_id":9303,"name":"Abhishek Kekane","email":"akekane@redhat.com","username":"abhishekkekane"},"change_message_id":"258cda3e5a8f31d105310858f5ce823269bc7914","unresolved":true,"context_lines":[{"line_number":23,"context_line":"Forbidden was raised by _check_mutate_authorization(). This means"},{"line_number":24,"context_line":"that we could not tell the difference at the higher layers between"},{"line_number":25,"context_line":"an actual NotFound and the 404 generated by an auth failure."},{"line_number":26,"context_line":""},{"line_number":27,"context_line":"Change-Id: I43dbc88a9f3fd4c6b2a10c2534ccee9283663282"}],"source_content_type":"text/x-gerrit-commit-message","patch_set":19,"id":"fa97cb9e_649e3837","line":26,"updated":"2021-07-27 07:46:48.000000000","message":"This should definitely have Partially Implements: blueprint policy-refactor tag.","commit_id":"6169b8256e860705fca40574af1b2618751a1e70"}],"glance/api/v2/images.py":[{"author":{"_account_id":9303,"name":"Abhishek Kekane","email":"akekane@redhat.com","username":"abhishekkekane"},"change_message_id":"c5b7dfe81667a5170a3e261b80c228a0e5b133fa","unresolved":true,"context_lines":[{"line_number":566,"context_line":"        image_repo \u003d self.gateway.get_repo(req.context,"},{"line_number":567,"context_line":"                                           authorization_layer\u003dFalse)"},{"line_number":568,"context_line":"        try:"},{"line_number":569,"context_line":"            # FIXME(danms): This will still enforce the get_image policy"},{"line_number":570,"context_line":"            # which we don\u0027t want"},{"line_number":571,"context_line":"            image \u003d image_repo.get(image_id)"},{"line_number":572,"context_line":"            api_pol \u003d api_policy.ImageAPIPolicy(req.context, image,"},{"line_number":573,"context_line":"                                                self.policy)"}],"source_content_type":"text/x-python","patch_set":16,"id":"531950be_88982829","line":570,"range":{"start_line":569,"start_character":12,"end_line":570,"end_character":33},"updated":"2021-07-19 18:45:44.000000000","message":"I think this is not needed now.","commit_id":"da567802505b30a53871ef69562fe80ac3d45cd1"},{"author":{"_account_id":4393,"name":"Dan Smith","email":"dms@danplanet.com","username":"danms"},"change_message_id":"ff094c4e4861d4f39f67a6c1b1a5e7fa5d51bb05","unresolved":true,"context_lines":[{"line_number":566,"context_line":"        image_repo \u003d self.gateway.get_repo(req.context,"},{"line_number":567,"context_line":"                                           authorization_layer\u003dFalse)"},{"line_number":568,"context_line":"        try:"},{"line_number":569,"context_line":"            # FIXME(danms): This will still enforce the get_image policy"},{"line_number":570,"context_line":"            # which we don\u0027t want"},{"line_number":571,"context_line":"            image \u003d image_repo.get(image_id)"},{"line_number":572,"context_line":"            api_pol \u003d api_policy.ImageAPIPolicy(req.context, image,"},{"line_number":573,"context_line":"                                                self.policy)"}],"source_content_type":"text/x-python","patch_set":16,"id":"3b7ac9fd_f5432d38","line":570,"range":{"start_line":569,"start_character":12,"end_line":570,"end_character":33},"in_reply_to":"531950be_88982829","updated":"2021-07-19 19:24:07.000000000","message":"Yeah, I guess you\u0027re right. I was thinking this stays until the get_images patch merges, but things are a bit different now than when I first put this in.","commit_id":"da567802505b30a53871ef69562fe80ac3d45cd1"},{"author":{"_account_id":9303,"name":"Abhishek Kekane","email":"akekane@redhat.com","username":"abhishekkekane"},"change_message_id":"258cda3e5a8f31d105310858f5ce823269bc7914","unresolved":true,"context_lines":[{"line_number":605,"context_line":"        value \u003d change[\u0027value\u0027]"},{"line_number":606,"context_line":"        if path_root \u003d\u003d \u0027locations\u0027 and not value:"},{"line_number":607,"context_line":"            msg \u003d _(\"Cannot set locations to empty list.\")"},{"line_number":608,"context_line":"            raise webob.exc.HTTPForbidden(msg)"},{"line_number":609,"context_line":"        elif path_root \u003d\u003d \u0027locations\u0027 and value:"},{"line_number":610,"context_line":"            api_pol.update_locations()"},{"line_number":611,"context_line":"            self._do_replace_locations(image, value)"}],"source_content_type":"text/x-python","patch_set":19,"id":"ec0582f8_939adddd","line":608,"range":{"start_line":608,"start_character":12,"end_line":608,"end_character":46},"updated":"2021-07-27 07:46:48.000000000","message":"Not related to your change, but shouldn\u0027t this be Bad request rather than forbidden?","commit_id":"6169b8256e860705fca40574af1b2618751a1e70"},{"author":{"_account_id":4393,"name":"Dan Smith","email":"dms@danplanet.com","username":"danms"},"change_message_id":"4fb1a756861b924e2740d0f00a6bbc201386b5c2","unresolved":true,"context_lines":[{"line_number":605,"context_line":"        value \u003d change[\u0027value\u0027]"},{"line_number":606,"context_line":"        if path_root \u003d\u003d \u0027locations\u0027 and not value:"},{"line_number":607,"context_line":"            msg \u003d _(\"Cannot set locations to empty list.\")"},{"line_number":608,"context_line":"            raise webob.exc.HTTPForbidden(msg)"},{"line_number":609,"context_line":"        elif path_root \u003d\u003d \u0027locations\u0027 and value:"},{"line_number":610,"context_line":"            api_pol.update_locations()"},{"line_number":611,"context_line":"            self._do_replace_locations(image, value)"}],"source_content_type":"text/x-python","patch_set":19,"id":"14cce4d4_6f87c984","line":608,"range":{"start_line":608,"start_character":12,"end_line":608,"end_character":46},"in_reply_to":"ec0582f8_939adddd","updated":"2021-07-27 14:02:54.000000000","message":"Yeah, I would think so, but maybe the thought was that since property protections allow you to control fine-grained permissions on the others, that this is more consistent with other behavior.\n\nBut I agree, this is a rejection based on the content supplied and not the user supplying it.","commit_id":"6169b8256e860705fca40574af1b2618751a1e70"},{"author":{"_account_id":9303,"name":"Abhishek Kekane","email":"akekane@redhat.com","username":"abhishekkekane"},"change_message_id":"258cda3e5a8f31d105310858f5ce823269bc7914","unresolved":true,"context_lines":[{"line_number":660,"context_line":"                del image.extra_properties[path_root]"},{"line_number":661,"context_line":"            else:"},{"line_number":662,"context_line":"                msg \u003d _(\"Property %s does not exist.\")"},{"line_number":663,"context_line":"                raise webob.exc.HTTPConflict(msg % path_root)"},{"line_number":664,"context_line":""},{"line_number":665,"context_line":"    def _delete_encryption_key(self, context, image):"},{"line_number":666,"context_line":"        props \u003d image.extra_properties"}],"source_content_type":"text/x-python","patch_set":19,"id":"7aba1e64_01e8715a","line":663,"range":{"start_line":663,"start_character":16,"end_line":663,"end_character":61},"updated":"2021-07-27 07:46:48.000000000","message":"Ditto. This should be not found IMO","commit_id":"6169b8256e860705fca40574af1b2618751a1e70"},{"author":{"_account_id":4393,"name":"Dan Smith","email":"dms@danplanet.com","username":"danms"},"change_message_id":"4fb1a756861b924e2740d0f00a6bbc201386b5c2","unresolved":true,"context_lines":[{"line_number":660,"context_line":"                del image.extra_properties[path_root]"},{"line_number":661,"context_line":"            else:"},{"line_number":662,"context_line":"                msg \u003d _(\"Property %s does not exist.\")"},{"line_number":663,"context_line":"                raise webob.exc.HTTPConflict(msg % path_root)"},{"line_number":664,"context_line":""},{"line_number":665,"context_line":"    def _delete_encryption_key(self, context, image):"},{"line_number":666,"context_line":"        props \u003d image.extra_properties"}],"source_content_type":"text/x-python","patch_set":19,"id":"9e7dd963_740a07a3","line":663,"range":{"start_line":663,"start_character":16,"end_line":663,"end_character":61},"in_reply_to":"7aba1e64_01e8715a","updated":"2021-07-27 14:02:54.000000000","message":"Ack and agree, but these would potentially be API changes that break people and without microversions, they can\u0027t signal that they know about the new ones, so... seems not worth changing at this point, IMHO.","commit_id":"6169b8256e860705fca40574af1b2618751a1e70"},{"author":{"_account_id":9303,"name":"Abhishek Kekane","email":"akekane@redhat.com","username":"abhishekkekane"},"change_message_id":"ebe49a26df30775a845e9ee789f13036f1c993b2","unresolved":true,"context_lines":[{"line_number":652,"context_line":"            except exception.Forbidden as e:"},{"line_number":653,"context_line":"                raise webob.exc.HTTPForbidden(e.msg)"},{"line_number":654,"context_line":"        else:"},{"line_number":655,"context_line":"            api_pol.update_property(path_root, None)"},{"line_number":656,"context_line":"            if hasattr(image, path_root):"},{"line_number":657,"context_line":"                msg \u003d _(\"Property %s may not be removed.\")"},{"line_number":658,"context_line":"                raise webob.exc.HTTPForbidden(msg % path_root)"}],"source_content_type":"text/x-python","patch_set":22,"id":"f95b9bc7_fab4c6e4","line":655,"range":{"start_line":655,"start_character":12,"end_line":655,"end_character":52},"updated":"2021-08-04 06:01:47.000000000","message":"May be if respin is required.\n\nCan we make this second option as kw argument?\nI think definitely you are not checking for visibility here.","commit_id":"31d74cc3e139f102ab2e628f65f3a875c2374445"},{"author":{"_account_id":4393,"name":"Dan Smith","email":"dms@danplanet.com","username":"danms"},"change_message_id":"1991a1b3e3d2d14fe938f983d3f2e6f76ea02720","unresolved":false,"context_lines":[{"line_number":652,"context_line":"            except exception.Forbidden as e:"},{"line_number":653,"context_line":"                raise webob.exc.HTTPForbidden(e.msg)"},{"line_number":654,"context_line":"        else:"},{"line_number":655,"context_line":"            api_pol.update_property(path_root, None)"},{"line_number":656,"context_line":"            if hasattr(image, path_root):"},{"line_number":657,"context_line":"                msg \u003d _(\"Property %s may not be removed.\")"},{"line_number":658,"context_line":"                raise webob.exc.HTTPForbidden(msg % path_root)"}],"source_content_type":"text/x-python","patch_set":22,"id":"c560a644_cc163c13","line":655,"range":{"start_line":655,"start_character":12,"end_line":655,"end_character":52},"in_reply_to":"f95b9bc7_fab4c6e4","updated":"2021-08-04 13:34:00.000000000","message":"Ack","commit_id":"31d74cc3e139f102ab2e628f65f3a875c2374445"}],"glance/tests/functional/v2/test_images.py":[{"author":{"_account_id":9303,"name":"Abhishek Kekane","email":"akekane@redhat.com","username":"abhishekkekane"},"change_message_id":"c5b7dfe81667a5170a3e261b80c228a0e5b133fa","unresolved":true,"context_lines":[{"line_number":2258,"context_line":"        doc \u003d [{\u0027op\u0027: \u0027replace\u0027, \u0027path\u0027: \u0027/name\u0027, \u0027value\u0027: \u0027image-2\u0027}]"},{"line_number":2259,"context_line":"        data \u003d jsonutils.dumps(doc)"},{"line_number":2260,"context_line":"        response \u003d requests.patch(path, headers\u003dheaders, data\u003ddata)"},{"line_number":2261,"context_line":"        # FIXME(danms): This expects us to fail in the authorization"},{"line_number":2262,"context_line":"        # layer to raise a forbidden based on membership. If we do not"},{"line_number":2263,"context_line":"        # have that in the stack, and we run with the test policy of"},{"line_number":2264,"context_line":"        # unrestricted modify_image, then db.ImageRepoProxy.save will"},{"line_number":2265,"context_line":"        # raise NotFound when db.sqlalchemy.is_image_mutable() returns"},{"line_number":2266,"context_line":"        # False."},{"line_number":2267,"context_line":"        self.assertEqual(http.FORBIDDEN, response.status_code)"},{"line_number":2268,"context_line":""},{"line_number":2269,"context_line":"        # TENANT3 should not be able to delete the image, either"}],"source_content_type":"text/x-python","patch_set":16,"id":"c18d35f9_ab8af223","line":2266,"range":{"start_line":2261,"start_character":8,"end_line":2266,"end_character":16},"updated":"2021-07-19 18:45:44.000000000","message":"I think this is also not needed now?","commit_id":"da567802505b30a53871ef69562fe80ac3d45cd1"}],"glance/tests/functional/v2/test_images_api_policy.py":[{"author":{"_account_id":9303,"name":"Abhishek Kekane","email":"akekane@redhat.com","username":"abhishekkekane"},"change_message_id":"c5b7dfe81667a5170a3e261b80c228a0e5b133fa","unresolved":true,"context_lines":[{"line_number":45,"context_line":"                              {\u0027op\u0027: \u0027add\u0027,"},{"line_number":46,"context_line":"                               \u0027path\u0027: \u0027/mykey1\u0027,"},{"line_number":47,"context_line":"                               \u0027value\u0027: \u0027foo\u0027})"},{"line_number":48,"context_line":"        self.assertEqual(200, resp.status_code, resp.text)"},{"line_number":49,"context_line":""},{"line_number":50,"context_line":"        # Now disable modify_image permissions and make sure any other"},{"line_number":51,"context_line":"        # attempts fail"}],"source_content_type":"text/x-python","patch_set":16,"id":"2a6ab2c4_e29577a7","line":48,"range":{"start_line":48,"start_character":8,"end_line":48,"end_character":58},"updated":"2021-07-19 18:45:44.000000000","message":"shouldn\u0027t we also assert that /mykey1 added to image?","commit_id":"da567802505b30a53871ef69562fe80ac3d45cd1"},{"author":{"_account_id":4393,"name":"Dan Smith","email":"dms@danplanet.com","username":"danms"},"change_message_id":"ff094c4e4861d4f39f67a6c1b1a5e7fa5d51bb05","unresolved":false,"context_lines":[{"line_number":45,"context_line":"                              {\u0027op\u0027: \u0027add\u0027,"},{"line_number":46,"context_line":"                               \u0027path\u0027: \u0027/mykey1\u0027,"},{"line_number":47,"context_line":"                               \u0027value\u0027: \u0027foo\u0027})"},{"line_number":48,"context_line":"        self.assertEqual(200, resp.status_code, resp.text)"},{"line_number":49,"context_line":""},{"line_number":50,"context_line":"        # Now disable modify_image permissions and make sure any other"},{"line_number":51,"context_line":"        # attempts fail"}],"source_content_type":"text/x-python","patch_set":16,"id":"48a6d50a_218214dd","line":48,"range":{"start_line":48,"start_character":8,"end_line":48,"end_character":58},"in_reply_to":"2a6ab2c4_e29577a7","updated":"2021-07-19 19:24:07.000000000","message":"Ack","commit_id":"da567802505b30a53871ef69562fe80ac3d45cd1"},{"author":{"_account_id":9303,"name":"Abhishek Kekane","email":"akekane@redhat.com","username":"abhishekkekane"},"change_message_id":"c5b7dfe81667a5170a3e261b80c228a0e5b133fa","unresolved":true,"context_lines":[{"line_number":95,"context_line":"                                         \u0027metadata\u0027: {}}})"},{"line_number":96,"context_line":"        self.assertEqual(200, resp.status_code, resp.text)"},{"line_number":97,"context_line":""},{"line_number":98,"context_line":"        # Now disable modify_image permissions and make sure any other"},{"line_number":99,"context_line":"        # attempts fail"},{"line_number":100,"context_line":"        self.set_policy_rules({\u0027set_image_location\u0027: \u0027!\u0027,"},{"line_number":101,"context_line":"                               \u0027delete_image_location\u0027: \u0027!\u0027})"}],"source_content_type":"text/x-python","patch_set":16,"id":"b27a4ac1_41f8429b","line":98,"range":{"start_line":98,"start_character":22,"end_line":98,"end_character":34},"updated":"2021-07-19 18:45:44.000000000","message":"set_image_loaction and delete_image_location ?","commit_id":"da567802505b30a53871ef69562fe80ac3d45cd1"},{"author":{"_account_id":4393,"name":"Dan Smith","email":"dms@danplanet.com","username":"danms"},"change_message_id":"ff094c4e4861d4f39f67a6c1b1a5e7fa5d51bb05","unresolved":true,"context_lines":[{"line_number":95,"context_line":"                                         \u0027metadata\u0027: {}}})"},{"line_number":96,"context_line":"        self.assertEqual(200, resp.status_code, resp.text)"},{"line_number":97,"context_line":""},{"line_number":98,"context_line":"        # Now disable modify_image permissions and make sure any other"},{"line_number":99,"context_line":"        # attempts fail"},{"line_number":100,"context_line":"        self.set_policy_rules({\u0027set_image_location\u0027: \u0027!\u0027,"},{"line_number":101,"context_line":"                               \u0027delete_image_location\u0027: \u0027!\u0027})"}],"source_content_type":"text/x-python","patch_set":16,"id":"8043c7f8_2613a923","line":98,"range":{"start_line":98,"start_character":22,"end_line":98,"end_character":34},"in_reply_to":"b27a4ac1_41f8429b","updated":"2021-07-19 19:24:07.000000000","message":"Yep, copy pasta, thanks :)","commit_id":"da567802505b30a53871ef69562fe80ac3d45cd1"},{"author":{"_account_id":9303,"name":"Abhishek Kekane","email":"akekane@redhat.com","username":"abhishekkekane"},"change_message_id":"258cda3e5a8f31d105310858f5ce823269bc7914","unresolved":true,"context_lines":[{"line_number":36,"context_line":"            mock_enf.return_value \u003d self.policy"},{"line_number":37,"context_line":"            super(TestImagesPolicy, self).start_server()"},{"line_number":38,"context_line":""},{"line_number":39,"context_line":"    def test_image_update_basic(self):"},{"line_number":40,"context_line":"        self.start_server()"},{"line_number":41,"context_line":"        image_id \u003d self._create_and_upload()"},{"line_number":42,"context_line":""}],"source_content_type":"text/x-python","patch_set":19,"id":"8f087cf3_3deb4bef","line":39,"range":{"start_line":39,"start_character":4,"end_line":39,"end_character":38},"updated":"2021-07-27 07:46:48.000000000","message":"Can we also have one test to ensure property protection doesn\u0027t have any regression?","commit_id":"6169b8256e860705fca40574af1b2618751a1e70"},{"author":{"_account_id":9303,"name":"Abhishek Kekane","email":"akekane@redhat.com","username":"abhishekkekane"},"change_message_id":"1836debadc66c4ff122eaa61973b3f6441762fb8","unresolved":true,"context_lines":[{"line_number":36,"context_line":"            mock_enf.return_value \u003d self.policy"},{"line_number":37,"context_line":"            super(TestImagesPolicy, self).start_server()"},{"line_number":38,"context_line":""},{"line_number":39,"context_line":"    def test_image_update_basic(self):"},{"line_number":40,"context_line":"        self.start_server()"},{"line_number":41,"context_line":"        image_id \u003d self._create_and_upload()"},{"line_number":42,"context_line":""}],"source_content_type":"text/x-python","patch_set":19,"id":"c2ec8bca_a228343d","line":39,"range":{"start_line":39,"start_character":4,"end_line":39,"end_character":38},"in_reply_to":"1ddc04ea_f748e19c","updated":"2021-07-27 17:09:15.000000000","message":"My initial thought about having PP test here was that this structure is easier to understand and we might uncover some unexpected things in property protections (since I never seen any bug related to it or neither heard anyone using it).\n\nBut I guess we can do that later and at the moment just continue monitoring existing PP tests.","commit_id":"6169b8256e860705fca40574af1b2618751a1e70"},{"author":{"_account_id":4393,"name":"Dan Smith","email":"dms@danplanet.com","username":"danms"},"change_message_id":"75c8c1dc0bc5e0cafe06b79e9774693c67dd7065","unresolved":true,"context_lines":[{"line_number":36,"context_line":"            mock_enf.return_value \u003d self.policy"},{"line_number":37,"context_line":"            super(TestImagesPolicy, self).start_server()"},{"line_number":38,"context_line":""},{"line_number":39,"context_line":"    def test_image_update_basic(self):"},{"line_number":40,"context_line":"        self.start_server()"},{"line_number":41,"context_line":"        image_id \u003d self._create_and_upload()"},{"line_number":42,"context_line":""}],"source_content_type":"text/x-python","patch_set":19,"id":"1ddc04ea_f748e19c","line":39,"range":{"start_line":39,"start_character":4,"end_line":39,"end_character":38},"in_reply_to":"8f087cf3_3deb4bef","updated":"2021-07-27 17:01:25.000000000","message":"Sure, but I\u0027m having a hard time knowing what to do here. There are a bunch of existing PP tests that do a lot of stuff with various policies, roles, etc, all of which hit image update multiple times of course. I can go survey those and try to figure out what intersection might be missed, but I\u0027m not quite sure what that might be. This test is implemented here just because it\u0027s easier for me to flip the policies in real time with the SynchronousAPIBase, instead of having to start and stop the workers, or test across multiple cases. There\u0027s no special config for this test that needs to be replicated in the PP tests...\n\nIf you\u0027re looking for me to add PP support to SynchronousAPI base and just replicate those here, then okay I guess, but I\u0027m not sure that\u0027s very worthwhile. If you have something else in mind, I\u0027d sure appreciate some hints... More than happy to do the work, just need to know what that is :)","commit_id":"6169b8256e860705fca40574af1b2618751a1e70"},{"author":{"_account_id":9303,"name":"Abhishek Kekane","email":"akekane@redhat.com","username":"abhishekkekane"},"change_message_id":"fa2b9db13fba738acc4115377d3775df54fa9098","unresolved":false,"context_lines":[{"line_number":36,"context_line":"            mock_enf.return_value \u003d self.policy"},{"line_number":37,"context_line":"            super(TestImagesPolicy, self).start_server()"},{"line_number":38,"context_line":""},{"line_number":39,"context_line":"    def test_image_update_basic(self):"},{"line_number":40,"context_line":"        self.start_server()"},{"line_number":41,"context_line":"        image_id \u003d self._create_and_upload()"},{"line_number":42,"context_line":""}],"source_content_type":"text/x-python","patch_set":19,"id":"d7e58d57_6e70c4dd","line":39,"range":{"start_line":39,"start_character":4,"end_line":39,"end_character":38},"in_reply_to":"a781fedf_d8c4ce3e","updated":"2021-07-27 17:16:50.000000000","message":"Sounds good!","commit_id":"6169b8256e860705fca40574af1b2618751a1e70"},{"author":{"_account_id":4393,"name":"Dan Smith","email":"dms@danplanet.com","username":"danms"},"change_message_id":"78fbc305f015503c20e2ff1c326e3359d10dd5a9","unresolved":true,"context_lines":[{"line_number":36,"context_line":"            mock_enf.return_value \u003d self.policy"},{"line_number":37,"context_line":"            super(TestImagesPolicy, self).start_server()"},{"line_number":38,"context_line":""},{"line_number":39,"context_line":"    def test_image_update_basic(self):"},{"line_number":40,"context_line":"        self.start_server()"},{"line_number":41,"context_line":"        image_id \u003d self._create_and_upload()"},{"line_number":42,"context_line":""}],"source_content_type":"text/x-python","patch_set":19,"id":"a781fedf_d8c4ce3e","line":39,"range":{"start_line":39,"start_character":4,"end_line":39,"end_character":38},"in_reply_to":"c2ec8bca_a228343d","updated":"2021-07-27 17:13:33.000000000","message":"Okay, I definitely agree this would be a much better pattern for those tests, but that\u0027s separate from the refactor of update_image enforcement right?\n\nPart of why I\u0027m hesitant to even get into that stuff is because the tests are very long and confusing, as they have to be with the regular functional arrangement. We can certainly take \"refactor PP tests\" as a separate cleanup item, but I don\u0027t want to just randomly put those refactors in this patch, which isn\u0027t really related to PP (AFAICT).","commit_id":"6169b8256e860705fca40574af1b2618751a1e70"}],"glance/tests/unit/api/test_v2_policy.py":[{"author":{"_account_id":9303,"name":"Abhishek Kekane","email":"akekane@redhat.com","username":"abhishekkekane"},"change_message_id":"258cda3e5a8f31d105310858f5ce823269bc7914","unresolved":true,"context_lines":[{"line_number":30,"context_line":"        self.policy \u003d policy.ImageAPIPolicy(self.context, self.image,"},{"line_number":31,"context_line":"                                            enforcer\u003dself.enforcer)"},{"line_number":32,"context_line":""},{"line_number":33,"context_line":"    def test_enforce(self):"},{"line_number":34,"context_line":""},{"line_number":35,"context_line":"        # Enforce passes"},{"line_number":36,"context_line":"        self.policy._enforce(\u0027fake_rule\u0027)"},{"line_number":37,"context_line":"        self.enforcer.enforce.assert_called_once_with("},{"line_number":38,"context_line":"            self.context,"},{"line_number":39,"context_line":"            \u0027fake_rule\u0027,"},{"line_number":40,"context_line":"            mock.ANY)"},{"line_number":41,"context_line":""},{"line_number":42,"context_line":"        # Make sure that Forbidden gets caught and translated"},{"line_number":43,"context_line":"        self.enforcer.enforce.side_effect \u003d exception.Forbidden"},{"line_number":44,"context_line":"        self.assertRaises(webob.exc.HTTPForbidden,"},{"line_number":45,"context_line":"                          self.policy._enforce, \u0027fake_rule\u0027)"},{"line_number":46,"context_line":""},{"line_number":47,"context_line":"        # Any other exception comes straight through"},{"line_number":48,"context_line":"        self.enforcer.enforce.side_effect \u003d exception.ImageNotFound"},{"line_number":49,"context_line":"        self.assertRaises(exception.ImageNotFound,"},{"line_number":50,"context_line":"                          self.policy._enforce, \u0027fake_rule\u0027)"},{"line_number":51,"context_line":""},{"line_number":52,"context_line":"    @mock.patch(\u0027glance.api.policy._enforce_image_visibility\u0027)"},{"line_number":53,"context_line":"    def test_enforce_visibility(self, mock_enf):"}],"source_content_type":"text/x-python","patch_set":19,"id":"53873858_d8d77a71","line":50,"range":{"start_line":33,"start_character":4,"end_line":50,"end_character":60},"updated":"2021-07-27 07:46:48.000000000","message":"I think should be gone now since we have same test in \nhttps://review.opendev.org/c/openstack/glance/+/801129/8/glance/tests/unit/v2/test_v2_policy.py#44\n\nI think this file has not rebased properly.","commit_id":"6169b8256e860705fca40574af1b2618751a1e70"},{"author":{"_account_id":4393,"name":"Dan Smith","email":"dms@danplanet.com","username":"danms"},"change_message_id":"4fb1a756861b924e2740d0f00a6bbc201386b5c2","unresolved":true,"context_lines":[{"line_number":30,"context_line":"        self.policy \u003d policy.ImageAPIPolicy(self.context, self.image,"},{"line_number":31,"context_line":"                                            enforcer\u003dself.enforcer)"},{"line_number":32,"context_line":""},{"line_number":33,"context_line":"    def test_enforce(self):"},{"line_number":34,"context_line":""},{"line_number":35,"context_line":"        # Enforce passes"},{"line_number":36,"context_line":"        self.policy._enforce(\u0027fake_rule\u0027)"},{"line_number":37,"context_line":"        self.enforcer.enforce.assert_called_once_with("},{"line_number":38,"context_line":"            self.context,"},{"line_number":39,"context_line":"            \u0027fake_rule\u0027,"},{"line_number":40,"context_line":"            mock.ANY)"},{"line_number":41,"context_line":""},{"line_number":42,"context_line":"        # Make sure that Forbidden gets caught and translated"},{"line_number":43,"context_line":"        self.enforcer.enforce.side_effect \u003d exception.Forbidden"},{"line_number":44,"context_line":"        self.assertRaises(webob.exc.HTTPForbidden,"},{"line_number":45,"context_line":"                          self.policy._enforce, \u0027fake_rule\u0027)"},{"line_number":46,"context_line":""},{"line_number":47,"context_line":"        # Any other exception comes straight through"},{"line_number":48,"context_line":"        self.enforcer.enforce.side_effect \u003d exception.ImageNotFound"},{"line_number":49,"context_line":"        self.assertRaises(exception.ImageNotFound,"},{"line_number":50,"context_line":"                          self.policy._enforce, \u0027fake_rule\u0027)"},{"line_number":51,"context_line":""},{"line_number":52,"context_line":"    @mock.patch(\u0027glance.api.policy._enforce_image_visibility\u0027)"},{"line_number":53,"context_line":"    def test_enforce_visibility(self, mock_enf):"}],"source_content_type":"text/x-python","patch_set":19,"id":"33c99671_fc8a7965","line":50,"range":{"start_line":33,"start_character":4,"end_line":50,"end_character":60},"in_reply_to":"53873858_d8d77a71","updated":"2021-07-27 14:02:54.000000000","message":"Yup.","commit_id":"6169b8256e860705fca40574af1b2618751a1e70"}],"glance/tests/unit/v2/test_v2_policy.py":[{"author":{"_account_id":9303,"name":"Abhishek Kekane","email":"akekane@redhat.com","username":"abhishekkekane"},"change_message_id":"ebe49a26df30775a845e9ee789f13036f1c993b2","unresolved":true,"context_lines":[{"line_number":128,"context_line":""},{"line_number":129,"context_line":"            # Make sure that if modify_image is disallowed, but"},{"line_number":130,"context_line":"            # get_image is allowed, that we get Forbidden. This is"},{"line_number":131,"context_line":"            # because we are allowed to see the image, but not delete"},{"line_number":132,"context_line":"            # it, so 403 indicates that without confusing the user and"},{"line_number":133,"context_line":"            # returning \"not found\" for an image they are able to GET."},{"line_number":134,"context_line":"            mock_enf.reset_mock()"}],"source_content_type":"text/x-python","patch_set":22,"id":"aff4575b_6cb7b9a7","line":131,"range":{"start_line":131,"start_character":63,"end_line":131,"end_character":69},"updated":"2021-08-04 06:01:47.000000000","message":"modify?","commit_id":"31d74cc3e139f102ab2e628f65f3a875c2374445"},{"author":{"_account_id":4393,"name":"Dan Smith","email":"dms@danplanet.com","username":"danms"},"change_message_id":"1991a1b3e3d2d14fe938f983d3f2e6f76ea02720","unresolved":true,"context_lines":[{"line_number":128,"context_line":""},{"line_number":129,"context_line":"            # Make sure that if modify_image is disallowed, but"},{"line_number":130,"context_line":"            # get_image is allowed, that we get Forbidden. This is"},{"line_number":131,"context_line":"            # because we are allowed to see the image, but not delete"},{"line_number":132,"context_line":"            # it, so 403 indicates that without confusing the user and"},{"line_number":133,"context_line":"            # returning \"not found\" for an image they are able to GET."},{"line_number":134,"context_line":"            mock_enf.reset_mock()"}],"source_content_type":"text/x-python","patch_set":22,"id":"99a10f07_a26c74f7","line":131,"range":{"start_line":131,"start_character":63,"end_line":131,"end_character":69},"in_reply_to":"aff4575b_6cb7b9a7","updated":"2021-08-04 13:34:00.000000000","message":"Yeah, had delete on the brain :)","commit_id":"31d74cc3e139f102ab2e628f65f3a875c2374445"}]}