there is an Unexpected API Error when call remove_tenant_access action in nova v3 flavor_access api as an unadmin user

When port flavor_access tempest tests into v3, I found if the remove_tenant_access and add_tenant_access called as non admin user an Unexpected API Error arose.

I look into code, find out the issue is that flavors.add_flavor_access and flavors.remove_flavor_access require admin privilege in DB level but the policy doesn't require it. and the exception is not catched. I think there is the same issue in nova v2 api.

I also think we should remove the privilege check in DB level, but it need more tests, and can be remove in another patch or blue-print.

the tempest log is:
2013-08-28 11:56:08.154 2220 INFO tempest.common.rest_client [-] Request: POST http://192.168.1.101:8774/v3/flavors/155214353/action
2013-08-28 11:56:08.154 2220 DEBUG tempest.common.rest_client [-] Request Headers: {'Content-Type': 'application/json', 'Accept': 'application/json', 'X-Auth-Token': '<Token omitted>'} _log_request /opt/stack/tempest/tempest/common/rest_client.py:295
2013-08-28 11:56:08.154 2220 DEBUG tempest.common.rest_client [-] Request Body: {"add_tenant_access": {"tenant_id": "9bfa07133a42464a8701e3cf367bbb4d"}} _log_request /opt/stack/tempest/tempest/common/rest_client.py:299
2013-08-28 11:56:08.169 2220 INFO tempest.common.rest_client [-] Response Status: 500
2013-08-28 11:56:08.169 2220 DEBUG tempest.common.rest_client [-] Response Headers: {'date': 'Wed, 28 Aug 2013 03:56:08 GMT', 'content-length': '202', 'content-type': 'application/json; charset=UTF-8', 'x-compute-request-id': 'req-17649b30-e3a7-489f-98ab-8cf0ccb0e0ab'} _log_response /opt/stack/tempest/tempest/common/rest_client.py:310
2013-08-28 11:56:08.169 2220 DEBUG tempest.common.rest_client [-] Response Body: {"computeFault": {"message": "Unexpected API Error. Please report this at http://bugs.launchpad.net/nova/ and attach the Nova API log if possible.\n<class 'nova.exception.AdminRequired'>", "code": 500}} _log_response /opt/stack/tempest/tempest/common/rest_client.py:314

the nova log is:
2013-08-28 11:56:08.165 DEBUG routes.middleware [-] Matched POST /flavors/155214353/action from (pid=12748) __call__ /usr/lib/python2.7/dist-packages/routes/middleware.py:100
2013-08-28 11:56:08.166 DEBUG routes.middleware [-] Route path: '/flavors/:(id)/action', defaults: {'action': u'action', 'controller': <nova.api.openstack.wsgi.Resource object at 0x4e72050>} from (pid=12748) __call__ /usr/lib/python2.7/dist-packages/routes/middleware.py:102
2013-08-28 11:56:08.166 DEBUG routes.middleware [-] Match dict: {'action': u'action', 'controller': <nova.api.openstack.wsgi.Resource object at 0x4e72050>, 'id': u'155214353'} from (pid=12748) __call__ /usr/lib/python2.7/dist-packages/routes/middleware.py:103
2013-08-28 11:56:08.166 DEBUG nova.api.openstack.wsgi [req-17649b30-e3a7-489f-98ab-8cf0ccb0e0ab demo demo] Action: 'action', body: {"add_tenant_access": {"tenant_id": "9bfa07133a42464a8701e3cf367bbb4d"}} from (pid=12748) _process_stack /opt/stack/nova/nova/api/openstack/wsgi.py:927
2013-08-28 11:56:08.166 DEBUG nova.api.openstack.wsgi [req-17649b30-e3a7-489f-98ab-8cf0ccb0e0ab demo demo] Calling method <bound method FlavorActionController._add_tenant_access of <nova.api.openstack.compute.plugins.v3.flavor_access.FlavorActionController object at 0x50f5f50>> from (pid=12748) _process_stack /opt/stack/nova/nova/api/openstack/wsgi.py:928
2013-08-28 11:56:08.167 ERROR nova.api.openstack.extensions [req-17649b30-e3a7-489f-98ab-8cf0ccb0e0ab demo demo] Unexpected exception in API method
2013-08-28 11:56:08.167 TRACE nova.api.openstack.extensions Traceback (most recent call last):
2013-08-28 11:56:08.167 TRACE nova.api.openstack.extensions File "/opt/stack/nova/nova/api/openstack/extensions.py", line 469, in wrapped
2013-08-28 11:56:08.167 TRACE nova.api.openstack.extensions return f(*args, **kwargs)
2013-08-28 11:56:08.167 TRACE nova.api.openstack.extensions File "/opt/stack/nova/nova/api/openstack/compute/plugins/v3/flavor_access.py", line 176, in _add_tenant_access
2013-08-28 11:56:08.167 TRACE nova.api.openstack.extensions flavors.add_flavor_access(id, tenant, context)
2013-08-28 11:56:08.167 TRACE nova.api.openstack.extensions File "/opt/stack/nova/nova/compute/flavors.py", line 245, in add_flavor_access
2013-08-28 11:56:08.167 TRACE nova.api.openstack.extensions return db.flavor_access_add(ctxt, flavorid, projectid)
2013-08-28 11:56:08.167 TRACE nova.api.openstack.extensions File "/opt/stack/nova/nova/db/api.py", line 1424, in flavor_access_add
2013-08-28 11:56:08.167 TRACE nova.api.openstack.extensions return IMPL.flavor_access_add(context, flavor_id, project_id)
2013-08-28 11:56:08.167 TRACE nova.api.openstack.extensions File "/opt/stack/nova/nova/db/sqlalchemy/api.py", line 106, in wrapper
2013-08-28 11:56:08.167 TRACE nova.api.openstack.extensions nova.context.require_admin_context(args[0])
2013-08-28 11:56:08.167 TRACE nova.api.openstack.extensions File "/opt/stack/nova/nova/context.py", line 195, in require_admin_context
2013-08-28 11:56:08.167 TRACE nova.api.openstack.extensions raise exception.AdminRequired()
2013-08-28 11:56:08.167 TRACE nova.api.openstack.extensions AdminRequired: User does not have admin privileges
2013-08-28 11:56:08.167 TRACE nova.api.openstack.extensions
2013-08-28 11:56:08.167 INFO nova.api.openstack.wsgi [req-17649b30-e3a7-489f-98ab-8cf0ccb0e0ab demo demo] HTTP exception thrown: Unexpected API Error. Please report this at http://bugs.launchpad.net/nova/ and attach the Nova API log if possible.
<class 'nova.exception.AdminRequired'>
2013-08-28 11:56:08.168 DEBUG nova.api.openstack.wsgi [req-17649b30-e3a7-489f-98ab-8cf0ccb0e0ab demo demo] Returning 500 to user: Unexpected API Error. Please report this at http://bugs.launchpad.net/nova/ and attach the Nova API log if possible.
<class 'nova.exception.AdminRequired'> from (pid=12748) __call__ /opt/stack/nova/nova/api/openstack/wsgi.py:1188
2013-08-28 11:56:08.168 INFO nova.osapi_compute.wsgi.server [req-17649b30-e3a7-489f-98ab-8cf0ccb0e0ab demo demo] 192.168.1.101 "POST /v3/flavors/155214353/action HTTP/1.1" status: 500 len: 409 time: 0.0126910