)]}'
{"neutron/tests/unit/conf/policies/test_qos.py":[{"author":{"_account_id":5046,"name":"Lance Bragstad","email":"lbragstad@redhat.com","username":"ldbragst"},"change_message_id":"f0b6957ef24df3ac49303a3ad2e8cfd1859fc086","unresolved":true,"context_lines":[{"line_number":112,"context_line":"            base_policy.PolicyNotAuthorized,"},{"line_number":113,"context_line":"            policy.enforce, self.context, \u0027get_policy\u0027, self.alt_target)"},{"line_number":114,"context_line":""},{"line_number":115,"context_line":"    def test_create_policy(self):"},{"line_number":116,"context_line":"        self.assertRaises("},{"line_number":117,"context_line":"            base_policy.PolicyNotAuthorized,"},{"line_number":118,"context_line":"            policy.enforce, self.context, \u0027create_policy\u0027, self.target)"}],"source_content_type":"text/x-python","patch_set":1,"id":"0ef40800_1c8b1e64","line":115,"updated":"2021-04-09 16:11:39.000000000","message":"So, it looks like policies are created for individual projects by system-administrators?\n\nA project-admin or project-member (using secure RBAC) shouldn\u0027t be allowed to create their own policies, right?","commit_id":"98a77689949aea5431bb35b9285c87a4dae7bea7"},{"author":{"_account_id":11975,"name":"Slawek Kaplonski","email":"skaplons@redhat.com","username":"slaweq"},"change_message_id":"603cd24f3e65950e37dd0a2c6c7823434cb9f2c3","unresolved":true,"context_lines":[{"line_number":112,"context_line":"            base_policy.PolicyNotAuthorized,"},{"line_number":113,"context_line":"            policy.enforce, self.context, \u0027get_policy\u0027, self.alt_target)"},{"line_number":114,"context_line":""},{"line_number":115,"context_line":"    def test_create_policy(self):"},{"line_number":116,"context_line":"        self.assertRaises("},{"line_number":117,"context_line":"            base_policy.PolicyNotAuthorized,"},{"line_number":118,"context_line":"            policy.enforce, self.context, \u0027create_policy\u0027, self.target)"}],"source_content_type":"text/x-python","patch_set":1,"id":"fee56760_28ab8e16","line":115,"in_reply_to":"0ef40800_1c8b1e64","updated":"2021-04-12 12:01:20.000000000","message":"yes, it\u0027s configured like that but maybe we should change it to allow project admin to create QoS policy as well?","commit_id":"98a77689949aea5431bb35b9285c87a4dae7bea7"},{"author":{"_account_id":5046,"name":"Lance Bragstad","email":"lbragstad@redhat.com","username":"ldbragst"},"change_message_id":"a16ae00c28b44ce2f28fa8fd4ce4ee28dd1afac4","unresolved":true,"context_lines":[{"line_number":112,"context_line":"            base_policy.PolicyNotAuthorized,"},{"line_number":113,"context_line":"            policy.enforce, self.context, \u0027get_policy\u0027, self.alt_target)"},{"line_number":114,"context_line":""},{"line_number":115,"context_line":"    def test_create_policy(self):"},{"line_number":116,"context_line":"        self.assertRaises("},{"line_number":117,"context_line":"            base_policy.PolicyNotAuthorized,"},{"line_number":118,"context_line":"            policy.enforce, self.context, \u0027create_policy\u0027, self.target)"}],"source_content_type":"text/x-python","patch_set":1,"id":"19a8f67b_2ab581aa","line":115,"in_reply_to":"fee56760_28ab8e16","updated":"2021-04-12 19:07:07.000000000","message":"Ok - sounds good. Maybe we can investigate that in a separate change.\n\nOne of the biggest advantages to this effort is making room to push more functionality down to project users where appropriate, and offload things system-administrators have to do for end-users.","commit_id":"98a77689949aea5431bb35b9285c87a4dae7bea7"},{"author":{"_account_id":5046,"name":"Lance Bragstad","email":"lbragstad@redhat.com","username":"ldbragst"},"change_message_id":"f0b6957ef24df3ac49303a3ad2e8cfd1859fc086","unresolved":true,"context_lines":[{"line_number":248,"context_line":"                           \u0027get_policy_bandwidth_limit_rule\u0027,"},{"line_number":249,"context_line":"                           self.alt_target))"},{"line_number":250,"context_line":""},{"line_number":251,"context_line":"        # And the same for aliases"},{"line_number":252,"context_line":"        self.assertTrue("},{"line_number":253,"context_line":"            policy.enforce(self.context,"},{"line_number":254,"context_line":"                           \u0027get_alias_bandwidth_limit_rule\u0027,"}],"source_content_type":"text/x-python","patch_set":1,"id":"dd9cbd34_b4bbb662","line":251,"updated":"2021-04-09 16:11:39.000000000","message":"This question isn\u0027t really related to the testing effort directly, but what are the alias for?","commit_id":"98a77689949aea5431bb35b9285c87a4dae7bea7"},{"author":{"_account_id":16688,"name":"Rodolfo Alonso","email":"ralonsoh@redhat.com","username":"rodolfo-alonso-hernandez"},"change_message_id":"d215ce3b760034b53e4486a651a6201a3f1d6214","unresolved":true,"context_lines":[{"line_number":248,"context_line":"                           \u0027get_policy_bandwidth_limit_rule\u0027,"},{"line_number":249,"context_line":"                           self.alt_target))"},{"line_number":250,"context_line":""},{"line_number":251,"context_line":"        # And the same for aliases"},{"line_number":252,"context_line":"        self.assertTrue("},{"line_number":253,"context_line":"            policy.enforce(self.context,"},{"line_number":254,"context_line":"                           \u0027get_alias_bandwidth_limit_rule\u0027,"}],"source_content_type":"text/x-python","patch_set":1,"id":"2977f664_5e6a84e8","line":251,"in_reply_to":"4fde25ec_1311df06","updated":"2021-05-19 16:26:00.000000000","message":"yeah, we should deprecate old API","commit_id":"98a77689949aea5431bb35b9285c87a4dae7bea7"},{"author":{"_account_id":11975,"name":"Slawek Kaplonski","email":"skaplons@redhat.com","username":"slaweq"},"change_message_id":"524af7a53cf00e4c2997afa6c0036a8a85c55a33","unresolved":true,"context_lines":[{"line_number":248,"context_line":"                           \u0027get_policy_bandwidth_limit_rule\u0027,"},{"line_number":249,"context_line":"                           self.alt_target))"},{"line_number":250,"context_line":""},{"line_number":251,"context_line":"        # And the same for aliases"},{"line_number":252,"context_line":"        self.assertTrue("},{"line_number":253,"context_line":"            policy.enforce(self.context,"},{"line_number":254,"context_line":"                           \u0027get_alias_bandwidth_limit_rule\u0027,"}],"source_content_type":"text/x-python","patch_set":1,"id":"e5296d94_21c2f7f4","line":251,"in_reply_to":"61d117b6_e4d0d6dc","updated":"2021-04-15 07:14:38.000000000","message":"No, policy should be the same for both.","commit_id":"98a77689949aea5431bb35b9285c87a4dae7bea7"},{"author":{"_account_id":5046,"name":"Lance Bragstad","email":"lbragstad@redhat.com","username":"ldbragst"},"change_message_id":"a16ae00c28b44ce2f28fa8fd4ce4ee28dd1afac4","unresolved":true,"context_lines":[{"line_number":248,"context_line":"                           \u0027get_policy_bandwidth_limit_rule\u0027,"},{"line_number":249,"context_line":"                           self.alt_target))"},{"line_number":250,"context_line":""},{"line_number":251,"context_line":"        # And the same for aliases"},{"line_number":252,"context_line":"        self.assertTrue("},{"line_number":253,"context_line":"            policy.enforce(self.context,"},{"line_number":254,"context_line":"                           \u0027get_alias_bandwidth_limit_rule\u0027,"}],"source_content_type":"text/x-python","patch_set":1,"id":"61d117b6_e4d0d6dc","line":251,"in_reply_to":"be4f9caa_53613bd4","updated":"2021-04-12 19:07:07.000000000","message":"Ok - interesting, thanks for the context.\n\nIs there an advantage to maintaining separate policies for those aliased APIs? If I deploy neutron and start changing the alias policies to be different from the non-aliased API, will things work as expected? Does it make sense to lock down the alias API and not the non-aliased API?","commit_id":"98a77689949aea5431bb35b9285c87a4dae7bea7"},{"author":{"_account_id":11975,"name":"Slawek Kaplonski","email":"skaplons@redhat.com","username":"slaweq"},"change_message_id":"603cd24f3e65950e37dd0a2c6c7823434cb9f2c3","unresolved":true,"context_lines":[{"line_number":248,"context_line":"                           \u0027get_policy_bandwidth_limit_rule\u0027,"},{"line_number":249,"context_line":"                           self.alt_target))"},{"line_number":250,"context_line":""},{"line_number":251,"context_line":"        # And the same for aliases"},{"line_number":252,"context_line":"        self.assertTrue("},{"line_number":253,"context_line":"            policy.enforce(self.context,"},{"line_number":254,"context_line":"                           \u0027get_alias_bandwidth_limit_rule\u0027,"}],"source_content_type":"text/x-python","patch_set":1,"id":"be4f9caa_53613bd4","line":251,"in_reply_to":"dd9cbd34_b4bbb662","updated":"2021-04-12 12:01:20.000000000","message":"originally our API had endpoints like /v2.0/qos/policies/{policy_id}/bandwidth_limit_rules so it required always to pass policy id for rule.\nBut at some point we noticed that this isn\u0027t really needed so to improve user experience, we proposed aliases, see: https://docs.openstack.org/api-ref/network/v2/#quality-of-service-rules-alias-api","commit_id":"98a77689949aea5431bb35b9285c87a4dae7bea7"},{"author":{"_account_id":5046,"name":"Lance Bragstad","email":"lbragstad@redhat.com","username":"ldbragst"},"change_message_id":"ac243f69d18403ad3d4a7badb4267077b5618a99","unresolved":true,"context_lines":[{"line_number":248,"context_line":"                           \u0027get_policy_bandwidth_limit_rule\u0027,"},{"line_number":249,"context_line":"                           self.alt_target))"},{"line_number":250,"context_line":""},{"line_number":251,"context_line":"        # And the same for aliases"},{"line_number":252,"context_line":"        self.assertTrue("},{"line_number":253,"context_line":"            policy.enforce(self.context,"},{"line_number":254,"context_line":"                           \u0027get_alias_bandwidth_limit_rule\u0027,"}],"source_content_type":"text/x-python","patch_set":1,"id":"4fde25ec_1311df06","line":251,"in_reply_to":"e5296d94_21c2f7f4","updated":"2021-04-15 13:21:52.000000000","message":"Interesting - would it be worth while considering a deprecated for removal strategy for these (at some point in the future)?","commit_id":"98a77689949aea5431bb35b9285c87a4dae7bea7"},{"author":{"_account_id":5046,"name":"Lance Bragstad","email":"lbragstad@redhat.com","username":"ldbragst"},"change_message_id":"f0b6957ef24df3ac49303a3ad2e8cfd1859fc086","unresolved":true,"context_lines":[{"line_number":927,"context_line":"            self.context, \u0027get_alias_minimum_bandwidth_rule\u0027,"},{"line_number":928,"context_line":"            self.alt_target)"},{"line_number":929,"context_line":""},{"line_number":930,"context_line":"    def test_create_policy_minimum_bandwidth_rule(self):"},{"line_number":931,"context_line":"        self.assertRaises("},{"line_number":932,"context_line":"            base_policy.PolicyNotAuthorized,"},{"line_number":933,"context_line":"            policy.enforce,"}],"source_content_type":"text/x-python","patch_set":1,"id":"40dbec35_0533df85","line":930,"updated":"2021-04-09 16:11:39.000000000","message":"Similar question as above. This API was never really exposed to project users? Minimum bandwidth rules must be managed by system-administrators?\n\nI ask because it looks like the rule itself contains a project_id, so I\u0027m wondering if this is something that could be pushed down to project users eventually (assuming it can be done safely), offloading some of the work system-admins have to do on behalf of projects.","commit_id":"98a77689949aea5431bb35b9285c87a4dae7bea7"},{"author":{"_account_id":11975,"name":"Slawek Kaplonski","email":"skaplons@redhat.com","username":"slaweq"},"change_message_id":"603cd24f3e65950e37dd0a2c6c7823434cb9f2c3","unresolved":true,"context_lines":[{"line_number":927,"context_line":"            self.context, \u0027get_alias_minimum_bandwidth_rule\u0027,"},{"line_number":928,"context_line":"            self.alt_target)"},{"line_number":929,"context_line":""},{"line_number":930,"context_line":"    def test_create_policy_minimum_bandwidth_rule(self):"},{"line_number":931,"context_line":"        self.assertRaises("},{"line_number":932,"context_line":"            base_policy.PolicyNotAuthorized,"},{"line_number":933,"context_line":"            policy.enforce,"}],"source_content_type":"text/x-python","patch_set":1,"id":"9f681489_3d0849ae","line":930,"in_reply_to":"40dbec35_0533df85","updated":"2021-04-12 12:01:20.000000000","message":"For now it\u0027s like that but that\u0027s good question. Maybe we should change it?","commit_id":"98a77689949aea5431bb35b9285c87a4dae7bea7"},{"author":{"_account_id":5046,"name":"Lance Bragstad","email":"lbragstad@redhat.com","username":"ldbragst"},"change_message_id":"a16ae00c28b44ce2f28fa8fd4ce4ee28dd1afac4","unresolved":true,"context_lines":[{"line_number":927,"context_line":"            self.context, \u0027get_alias_minimum_bandwidth_rule\u0027,"},{"line_number":928,"context_line":"            self.alt_target)"},{"line_number":929,"context_line":""},{"line_number":930,"context_line":"    def test_create_policy_minimum_bandwidth_rule(self):"},{"line_number":931,"context_line":"        self.assertRaises("},{"line_number":932,"context_line":"            base_policy.PolicyNotAuthorized,"},{"line_number":933,"context_line":"            policy.enforce,"}],"source_content_type":"text/x-python","patch_set":1,"id":"73b937c9_0d48d2fd","line":930,"in_reply_to":"9f681489_3d0849ae","updated":"2021-04-12 19:07:07.000000000","message":"I\u0027ll leave that call to the neutron maintainers since they\u0027re obviously more familiar with the implications of that decision.\n\nBut, if the new personas help push more functionality down to project-users safely, then that seems like a good idea.\n\nMay be should create a bucket to work through all these types of APIs during the PTG?","commit_id":"98a77689949aea5431bb35b9285c87a4dae7bea7"}]}
