Hello community, here is the log from the commit of package python-oslo.policy for openSUSE:Factory checked in at 2020-08-10 15:05:55 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-oslo.policy (Old) and /work/SRC/openSUSE:Factory/.python-oslo.policy.new.3399 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-oslo.policy" Mon Aug 10 15:05:55 2020 rev:14 rq:825324 version:3.1.1 Changes: -------- --- /work/SRC/openSUSE:Factory/python-oslo.policy/python-oslo.policy.changes 2020-06-05 20:17:37.779274428 +0200 +++ /work/SRC/openSUSE:Factory/.python-oslo.policy.new.3399/python-oslo.policy.changes 2020-08-10 15:06:27.696268590 +0200 @@ -1,0 +2,8 @@ +Mon Aug 10 10:22:25 UTC 2020 - [email protected] + +- update to version 3.1.1 + - Reload files in policy_dirs on primary file change + - Update .gitreview for stable/ussuri + - Update TOX/UPPER_CONSTRAINTS_FILE for stable/ussuri + +------------------------------------------------------------------- Old: ---- oslo.policy-3.1.0.tar.gz New: ---- oslo.policy-3.1.1.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-oslo.policy.spec ++++++ --- /var/tmp/diff_new_pack.vA9iP0/_old 2020-08-10 15:06:29.824269714 +0200 +++ /var/tmp/diff_new_pack.vA9iP0/_new 2020-08-10 15:06:29.828269716 +0200 @@ -17,13 +17,13 @@ Name: python-oslo.policy -Version: 3.1.0 +Version: 3.1.1 Release: 0 Summary: OpenStack Oslo Policy library License: Apache-2.0 Group: Development/Languages/Python URL: https://launchpad.net/oslo.policy -Source0: https://files.pythonhosted.org/packages/source/o/oslo.policy/oslo.policy-3.1.0.tar.gz +Source0: https://files.pythonhosted.org/packages/source/o/oslo.policy/oslo.policy-3.1.1.tar.gz BuildRequires: openstack-macros BuildRequires: python3-PyYAML >= 3.12 BuildRequires: python3-oslo.config >= 5.2.0 @@ -75,7 +75,7 @@ Documentation for the Oslo Policy library. %prep -%autosetup -p1 -n oslo.policy-3.1.0 +%autosetup -p1 -n oslo.policy-3.1.1 %py_req_cleanup %build ++++++ oslo.policy-3.1.0.tar.gz -> oslo.policy-3.1.1.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/oslo.policy-3.1.0/AUTHORS new/oslo.policy-3.1.1/AUTHORS --- old/oslo.policy-3.1.0/AUTHORS 2020-04-13 18:15:16.000000000 +0200 +++ new/oslo.policy-3.1.1/AUTHORS 2020-07-02 12:21:17.000000000 +0200 @@ -26,6 +26,7 @@ Davanum Srinivas <[email protected]> David Stanek <[email protected]> Dina Belova <[email protected]> +Dmitrii Shcherbakov <[email protected]> Doug Hellmann <[email protected]> Doug Hellmann <[email protected]> Douglas Mendizábal <[email protected]> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/oslo.policy-3.1.0/ChangeLog new/oslo.policy-3.1.1/ChangeLog --- old/oslo.policy-3.1.0/ChangeLog 2020-04-13 18:15:16.000000000 +0200 +++ new/oslo.policy-3.1.1/ChangeLog 2020-07-02 12:21:17.000000000 +0200 @@ -1,6 +1,13 @@ CHANGES ======= +3.1.1 +----- + +* Reload files in policy\_dirs on primary file change +* Update TOX/UPPER\_CONSTRAINTS\_FILE for stable/ussuri +* Update .gitreview for stable/ussuri + 3.1.0 ----- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/oslo.policy-3.1.0/PKG-INFO new/oslo.policy-3.1.1/PKG-INFO --- old/oslo.policy-3.1.0/PKG-INFO 2020-04-13 18:15:16.000000000 +0200 +++ new/oslo.policy-3.1.1/PKG-INFO 2020-07-02 12:21:17.000000000 +0200 @@ -1,6 +1,6 @@ Metadata-Version: 1.2 Name: oslo.policy -Version: 3.1.0 +Version: 3.1.1 Summary: Oslo Policy library Home-page: https://docs.openstack.org/oslo.policy/latest/ Author: OpenStack diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/oslo.policy-3.1.0/oslo.policy.egg-info/PKG-INFO new/oslo.policy-3.1.1/oslo.policy.egg-info/PKG-INFO --- old/oslo.policy-3.1.0/oslo.policy.egg-info/PKG-INFO 2020-04-13 18:15:16.000000000 +0200 +++ new/oslo.policy-3.1.1/oslo.policy.egg-info/PKG-INFO 2020-07-02 12:21:17.000000000 +0200 @@ -1,6 +1,6 @@ Metadata-Version: 1.2 Name: oslo.policy -Version: 3.1.0 +Version: 3.1.1 Summary: Oslo Policy library Home-page: https://docs.openstack.org/oslo.policy/latest/ Author: OpenStack diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/oslo.policy-3.1.0/oslo.policy.egg-info/SOURCES.txt new/oslo.policy-3.1.1/oslo.policy.egg-info/SOURCES.txt --- old/oslo.policy-3.1.0/oslo.policy.egg-info/SOURCES.txt 2020-04-13 18:15:16.000000000 +0200 +++ new/oslo.policy-3.1.1/oslo.policy.egg-info/SOURCES.txt 2020-07-02 12:21:17.000000000 +0200 @@ -74,6 +74,7 @@ releasenotes/notes/add_custom_rule_check_plugins-3c15c2c7ca5e.yaml releasenotes/notes/add_reno-3b4ae0789e9c45b4.yaml releasenotes/notes/bug-1779172-c1323c0f647bc44c.yaml +releasenotes/notes/bug-1880959-8f1370a59759d40d.yaml releasenotes/notes/drop-python27-support-9aa06224812cc352.yaml releasenotes/notes/enforce_new_defaults-6ae17d8b8d166a2c.yaml releasenotes/notes/enforce_scope_types-1e92f6a34e4173ef.yaml diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/oslo.policy-3.1.0/oslo.policy.egg-info/pbr.json new/oslo.policy-3.1.1/oslo.policy.egg-info/pbr.json --- old/oslo.policy-3.1.0/oslo.policy.egg-info/pbr.json 2020-04-13 18:15:16.000000000 +0200 +++ new/oslo.policy-3.1.1/oslo.policy.egg-info/pbr.json 2020-07-02 12:21:17.000000000 +0200 @@ -1 +1 @@ -{"git_version": "0ed3df2", "is_release": true} \ No newline at end of file +{"git_version": "c8c138e", "is_release": true} \ No newline at end of file diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/oslo.policy-3.1.0/oslo.policy.egg-info/requires.txt new/oslo.policy-3.1.1/oslo.policy.egg-info/requires.txt --- old/oslo.policy-3.1.0/oslo.policy.egg-info/requires.txt 2020-04-13 18:15:16.000000000 +0200 +++ new/oslo.policy-3.1.1/oslo.policy.egg-info/requires.txt 2020-07-02 12:21:17.000000000 +0200 @@ -1,9 +1,9 @@ -requests>=2.14.2 +PyYAML>=3.12 oslo.config>=5.2.0 oslo.context>=2.22.0 oslo.i18n>=3.15.3 oslo.serialization!=2.19.1,>=2.18.0 -PyYAML>=3.12 +oslo.utils>=3.40.0 +requests>=2.14.2 six>=1.10.0 stevedore>=1.20.0 -oslo.utils>=3.40.0 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/oslo.policy-3.1.0/oslo_policy/policy.py new/oslo.policy-3.1.1/oslo_policy/policy.py --- old/oslo.policy-3.1.0/oslo_policy/policy.py 2020-04-13 18:14:18.000000000 +0200 +++ new/oslo.policy-3.1.1/oslo_policy/policy.py 2020-07-02 12:20:11.000000000 +0200 @@ -560,6 +560,8 @@ if force_reload: self.use_conf = force_reload + policy_file_rules_changed = False + if self.use_conf: if not self.policy_path: try: @@ -571,18 +573,30 @@ self._informed_no_policy_file = True if self.policy_path: - self._load_policy_file(self.policy_path, force_reload, - overwrite=self.overwrite) + # If the policy file rules have changed any policy.d rules + # also need to be reapplied on top of that change. + policy_file_rules_changed = self._load_policy_file( + self.policy_path, + force_reload, + overwrite=self.overwrite + ) + + force_reload_policy_dir = force_reload + if policy_file_rules_changed: + force_reload_policy_dir = True + for path in self.conf.oslo_policy.policy_dirs: try: path = self._get_policy_path(path) except cfg.ConfigFilesNotFoundError: continue - if (force_reload or self._is_directory_updated( - self._policy_dir_mtimes, path)): - self._walk_through_policy_directory(path, - self._load_policy_file, - force_reload, False) + if (self._is_directory_updated(self._policy_dir_mtimes, path) + or force_reload_policy_dir): + self._walk_through_policy_directory( + path, + self._load_policy_file, + force_reload_policy_dir, False + ) for default in self.registered_rules.values(): if default.deprecated_for_removal: @@ -771,6 +785,8 @@ # is in the cache mtime = 0 if os.path.exists(path): + if not os.path.isdir(path): + raise ValueError('{} is not a directory'.format(path)) # Make a list of all the files files = [path] + [os.path.join(path, file) for file in os.listdir(path)] @@ -809,14 +825,25 @@ self.file_rules[name] = RuleDefault(name, check_str) def _load_policy_file(self, path, force_reload, overwrite=True): + """Load policy rules from the specified policy file. + + :param str path: A path of the policy file to load rules from. + :param bool force_reload: Forcefully reload the policy file content. + :param bool overwrite: Replace policy rules instead of updating them. + :return: A bool indicating whether rules have been changed or not. + :rtype: bool + """ + rules_changed = False reloaded, data = _cache_handler.read_cached_file( self._file_cache, path, force_reload=force_reload) if reloaded or not self.rules: rules = Rules.load(data, self.default_rule) self.set_rules(rules, overwrite=overwrite, use_conf=True) + rules_changed = True self._record_file_rules(data, overwrite) self._loaded_files.append(path) LOG.debug('Reloaded policy file: %(path)s', {'path': path}) + return rules_changed def _get_policy_path(self, path): """Locate the policy YAML/JSON data file/path. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/oslo.policy-3.1.0/oslo_policy/tests/test_policy.py new/oslo.policy-3.1.1/oslo_policy/tests/test_policy.py --- old/oslo.policy-3.1.0/oslo_policy/tests/test_policy.py 2020-04-13 18:14:18.000000000 +0200 +++ new/oslo.policy-3.1.1/oslo_policy/tests/test_policy.py 2020-07-02 12:20:11.000000000 +0200 @@ -296,6 +296,48 @@ os.path.join('policy.d', 'b.conf'), ]) + def test_load_directory_after_file_update(self): + self.create_config_file( + os.path.join('policy.d', 'a.conf'), POLICY_A_CONTENTS) + self.enforcer.load_rules(True) + self.assertIsNotNone(self.enforcer.rules) + loaded_rules = jsonutils.loads(str(self.enforcer.rules)) + self.assertEqual('role:fakeA', loaded_rules['default']) + self.assertEqual('is_admin:True', loaded_rules['admin']) + self.check_loaded_files([ + 'policy.json', + os.path.join('policy.d', 'a.conf'), + ]) + new_policy_json_contents = jsonutils.dumps({ + "default": "rule:admin", + "admin": "is_admin:True", + "foo": "rule:bar", + }) + # Modify the policy.json file and then validate that the rules + # from the policy directory are re-applied on top of the + # new rules from the file. + self.create_config_file('policy.json', new_policy_json_contents) + policy_file_path = self.get_config_file_fullname('policy.json') + # Force the mtime change since the unit test may write to this file + # too fast for mtime to actually change. + stinfo = os.stat(policy_file_path) + os.utime(policy_file_path, (stinfo.st_atime + 42, + stinfo.st_mtime + 42)) + + self.enforcer.load_rules() + + self.assertIsNotNone(self.enforcer.rules) + loaded_rules = jsonutils.loads(str(self.enforcer.rules)) + self.assertEqual('role:fakeA', loaded_rules['default']) + self.assertEqual('is_admin:True', loaded_rules['admin']) + self.assertEqual('rule:bar', loaded_rules['foo']) + self.check_loaded_files([ + 'policy.json', + os.path.join('policy.d', 'a.conf'), + 'policy.json', + os.path.join('policy.d', 'a.conf'), + ]) + def test_load_directory_opts_registered(self): self._test_scenario_with_opts_registered(self.test_load_directory) @@ -421,6 +463,7 @@ [os.path.join('policy.d', 'a.conf')], group='oslo_policy') self.assertRaises(ValueError, self.enforcer.load_rules, True) + self.assertRaises(ValueError, self.enforcer.load_rules, False) @mock.patch('oslo_policy.policy.Enforcer.check_rules') def test_load_rules_twice(self, mock_check_rules): diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/oslo.policy-3.1.0/releasenotes/notes/bug-1880959-8f1370a59759d40d.yaml new/oslo.policy-3.1.1/releasenotes/notes/bug-1880959-8f1370a59759d40d.yaml --- old/oslo.policy-3.1.0/releasenotes/notes/bug-1880959-8f1370a59759d40d.yaml 1970-01-01 01:00:00.000000000 +0100 +++ new/oslo.policy-3.1.1/releasenotes/notes/bug-1880959-8f1370a59759d40d.yaml 2020-07-02 12:20:11.000000000 +0200 @@ -0,0 +1,8 @@ +--- +fixes: + - | + [`bug 1880959 <https://bugs.launchpad.net/keystone/+bug/1880959>`_] + The behavior of policy file reloading from policy directories was fixed. + Previously the rules from policy files located in the directories + specified in the ``policy_dirs`` option were not reapplied after the rules + from the primary policy file have been reapplied due to a change. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/oslo.policy-3.1.0/tox.ini new/oslo.policy-3.1.1/tox.ini --- old/oslo.policy-3.1.0/tox.ini 2020-04-13 18:14:18.000000000 +0200 +++ new/oslo.policy-3.1.1/tox.ini 2020-07-02 12:20:11.000000000 +0200 @@ -6,7 +6,7 @@ [testenv] basepython = python3 deps = - -c{env:UPPER_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/master} + -c{env:UPPER_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/ussuri} -r{toxinidir}/test-requirements.txt -r{toxinidir}/requirements.txt -r{toxinidir}/doc/requirements.txt
