Slawek Kaplonski d73449dd1c Update model_query_scope_is_project to work properly with new policies ...

In case when enforce_new_defaults is set to True in config, Neutron
shouldn't check context.is_admin flag to check if query should or
shouldn't be scoped to just one tenant as user with PROJECT_ADMIN role
will have is_admin flag set to True but such user shouldn't get e.g.
networks which belongs to other tenants and aren't shared in any way.

So that patch improves neutron_lib.db.utils.model_query_scope_is_project
function so it works in different way in case when enforce_new_defaults
is set to True or False. In case when new defaults should be enforced
only SYSTEM_SCOPE tokens and advanced_services can make queries which
are not scoped to single tenant.

Closes-Bug: #1919386
Change-Id: I7760413a562e5d1a86709fc5e2d0df405a6aed30

2021-03-17 13:56:34 +00:00

..

__init__.py

Add pagination helpers

2016-03-18 21:41:41 -04:00

_base.py

make sql fixtures public

2019-06-28 09:39:42 -06:00

test_api.py

Use "unittest.mock" library and drop "mock" installation

2020-03-13 12:10:36 +00:00

test_model_base.py

Make neutron context available in neutron-lib

2017-01-11 18:25:20 -08:00

test_model_query.py

Use "unittest.mock" library and drop "mock" installation

2020-03-13 12:10:36 +00:00

test_resource_extend.py

rehome the resource_extend db module

2018-10-25 15:42:00 -06:00

test_sqlalchemytypes.py

Remove library "six"

2020-01-22 13:16:45 +00:00

test_standard_attr.py

rehome neutron.db.standard_attr

2019-03-21 07:02:14 -06:00

test_utils.py

Update model_query_scope_is_project to work properly with new policies

2021-03-17 13:56:34 +00:00