Comment 0 for bug 1044218

policy check do not work properly for update_port operation in quantum v2 API.
For example, I want to check the fixed_ip of a port and I typed the following cmd:
$ quantum update-port 89b8d2aa-9d2a-4d79-a7d2-08362a435c73 --fixed_ip {"subnet_id": "3e3142c6-cc0f-49c2-bedb-9f6c1b23c801", "ip_address": "10.0.1.2"}
then policy_enforce got called with:
target = {'status': u'ACTIVE', 'network_id': u'c46727f3-8b02-4dd9-8295-171e2a91c4fa', u'port': {u'fixed_ip': [u'{subnet_id:', u'3e3142c6-cc0f-49c2-bedb-9f6c1b23c801,', u'ip_address:', u'10.0.1.2}']}, 'id': u'89b8d2aa-9d2a-4d79-a7d2-08362a435c73', 'tenant_id': u'251bd6bb546a4bd2a08b7e2b2907e18c'}
However, _is_attribute_explicitly_set will try to get 'fixed_ip' field on building match list which will always fail. This issue exists for all update_port operation because all the field need to update was packed in 'port' field of target.