)]}'
{"neutron/tests/unit/conf/policies/test_rbac.py":[{"author":{"_account_id":5046,"name":"Lance Bragstad","email":"lbragstad@redhat.com","username":"ldbragst"},"change_message_id":"28c1c2dda1d877acf1325395597dff44dd66d679","unresolved":true,"context_lines":[{"line_number":175,"context_line":"            policy.enforce,"},{"line_number":176,"context_line":"            self.context, \u0027create_rbac_policy\u0027, self.alt_target)"},{"line_number":177,"context_line":""},{"line_number":178,"context_line":"    def test_create_rbac_policy_target_tenant(self):"},{"line_number":179,"context_line":"        self.assertRaises("},{"line_number":180,"context_line":"            base_policy.PolicyNotAuthorized,"},{"line_number":181,"context_line":"            policy.enforce,"}],"source_content_type":"text/x-python","patch_set":1,"id":"bf6c215b_73c651d6","line":178,"updated":"2021-04-09 14:48:04.000000000","message":"Ok - so we only let system administrators open up a network with every project in the deployment, right?\n\nThis might need to happen in another change, but since we OR the system-admin check and the wildcard restriction here:\n\nhttps://github.com/openstack/neutron/blob/master/neutron/conf/policies/rbac.py#L54-L56\n\nDoes that mean we can remove the legacy RULE_ADMIN_ONLY check here?\n\nhttps://github.com/openstack/neutron/blob/master/neutron/conf/policies/rbac.py#L32","commit_id":"ba8aff630769a219219c59eb45ed769f1bb1a703"},{"author":{"_account_id":5046,"name":"Lance Bragstad","email":"lbragstad@redhat.com","username":"ldbragst"},"change_message_id":"7da7525f6ba4e1ba21308e352dec68531f2018e5","unresolved":false,"context_lines":[{"line_number":175,"context_line":"            policy.enforce,"},{"line_number":176,"context_line":"            self.context, \u0027create_rbac_policy\u0027, self.alt_target)"},{"line_number":177,"context_line":""},{"line_number":178,"context_line":"    def test_create_rbac_policy_target_tenant(self):"},{"line_number":179,"context_line":"        self.assertRaises("},{"line_number":180,"context_line":"            base_policy.PolicyNotAuthorized,"},{"line_number":181,"context_line":"            policy.enforce,"}],"source_content_type":"text/x-python","patch_set":1,"id":"cd02a93d_c9f573c6","line":178,"in_reply_to":"ab0a0ad9_9e2b7c0f","updated":"2021-04-12 18:54:24.000000000","message":"Ack","commit_id":"ba8aff630769a219219c59eb45ed769f1bb1a703"},{"author":{"_account_id":11975,"name":"Slawek Kaplonski","email":"skaplons@redhat.com","username":"slaweq"},"change_message_id":"4c1940f716a0379ed95ca7a6292b3846d6337bf4","unresolved":true,"context_lines":[{"line_number":175,"context_line":"            policy.enforce,"},{"line_number":176,"context_line":"            self.context, \u0027create_rbac_policy\u0027, self.alt_target)"},{"line_number":177,"context_line":""},{"line_number":178,"context_line":"    def test_create_rbac_policy_target_tenant(self):"},{"line_number":179,"context_line":"        self.assertRaises("},{"line_number":180,"context_line":"            base_policy.PolicyNotAuthorized,"},{"line_number":181,"context_line":"            policy.enforce,"}],"source_content_type":"text/x-python","patch_set":1,"id":"ab0a0ad9_9e2b7c0f","line":178,"in_reply_to":"bf6c215b_73c651d6","updated":"2021-04-12 13:30:13.000000000","message":"TBH I\u0027m not sure. And I would, at least for now leave it as it is to not make changes in the deprecated rules until we will be sure that new ones works fine and are well tested","commit_id":"ba8aff630769a219219c59eb45ed769f1bb1a703"}]}
