policy.json does not contain rule for auto-allocated-topologies removal

Hi Mykola,

What leads you to believe we need to add a policy to delete auto allocated topology? We have an API test (https://github.com/openstack/neutron-tempest-plugin/blob/master/neutron_tempest_plugin/api/test_auto_allocated_topology.py#L109) that routinely runs successfully in our CI jobs that tests the delete auto allocated configuration operation. Here's a recent example from our neutron-tempest-plugin-api job: http://logs.openstack.org/80/585180/3/check/neutron-tempest-plugin-api/798bf29/job-output.txt.gz#_2018-08-03_15_40_38_123265

Marking the bug incomplete until more information is provided

Hello Miguel,

We are working on increasing Neutron RBAC Coverage in openstack/patrole [0].
The goal of this project is validating the correctness and integrity of the cloud's RBAC implementation.

You are speaking about API tests in general, when patrole will verify that (in this scenario) non-admin users will not sudenly get rights to call delete on it. To do so we expect policy.json describe who have rights to call certain APIs.

[0] https://github.com/openstack/patrole

Thanks

Link to patchset: https://review.openstack.org/#/c/588304/

Reviewed: https://review.openstack.org/588304
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=9caf87bb0c97dae75f8ea0ab459ec282766906d5
Submitter: Zuul
Branch: master

commit 9caf87bb0c97dae75f8ea0ab459ec282766906d5
Author: Mykola Yakovliev <email address hidden>
Date: Thu Aug 2 09:54:42 2018 -0500

    Add delete rule for auto_allocated_topology

    This patchset updates policy.json to cover delete action for
    auto_allocated_topology introduced in Neutron API [0].

    [0] https://developer.openstack.org/api-ref/network/v2/index.html#delete-the-auto-allocated-topology

    Closes-bug: #1785349
    Change-Id: If7b5c3262370057e6b40d96967d355cd0ee7e2d3

This issue was fixed in the openstack/neutron 14.0.0.0b1 development milestone.