Comment 0 for bug 1960247

Takashi Kajinami (kajinamit) wrote :

Description
===========
Since the following change was merged, nova allows authorization by user_id for the server suspend action.

https://review.opendev.org/c/openstack/nova/+/353344

However, the same is not yet implemented in the resume action, and this results in inconsistent policy rules for the two corresponding operations.

Steps to reproduce
==================
* Define policy rules like the following example
  "os_compute_api:os-suspend-server:suspend": "rule:admin_api or user_id:%(user_id)s"
  "os_compute_api:os-suspend-server:resume": "rule:admin_api or user_id:%(user_id)s"
* Create a server by a non-admin user
* Suspend the server by the user
* Resume the server by the user

Expected result
===============
Both suspend and resume are accepted

Actual result
=============
Only suspend is accepted and resume fails with

ERROR (Forbidden): Policy doesn't allow os_compute_api:os-suspend-server:suspend to be performed. (HTTP 403) (Request-ID: req-...)

Environment
===========
This issue was initially reported as one found in a stable/xena deployment.

Logs & Configs
==============
N/A
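
Added illustration, not part of the original report and not nova or oslo.policy code: a minimal evaluator for the two rule forms in the steps above, showing why a `user_id:%(user_id)s` term only passes when the handler puts the server's `user_id` into the policy target. The `admin_api` definition, the sample credentials and the assumption that the resume handler's target omits `user_id` are constructed for the example.

```python
# Minimal stand-in for policy evaluation of "rule:<name>" and
# "<cred_key>:<template>" terms joined by "or". Not oslo.policy itself.

RULES = {
    # Constructed stand-in for nova's admin_api rule.
    "admin_api": "is_admin:True",
    "os_compute_api:os-suspend-server:suspend": "rule:admin_api or user_id:%(user_id)s",
    "os_compute_api:os-suspend-server:resume": "rule:admin_api or user_id:%(user_id)s",
}


def check(expr, target, creds):
    """Return True if any 'or'-separated term of expr passes."""
    return any(_term(t.strip(), target, creds) for t in expr.split(" or "))


def _term(term, target, creds):
    kind, match = term.split(":", 1)
    if kind == "rule":
        return check(RULES[match], target, creds)
    try:
        # "%(user_id)s" is filled from the target (the server), not the caller.
        expected = match % target
    except KeyError:
        # Target lacks the key: the term cannot match, so it is denied.
        return False
    return str(creds.get(kind)) == expected


def authorize(action, target, creds):
    return check(RULES[action], target, creds)


# Constructed sample data.
OWNER = {"user_id": "u-123", "project_id": "p-1", "is_admin": False}
OTHER = {"user_id": "u-456", "project_id": "p-1", "is_admin": False}
ADMIN = {"user_id": "u-999", "project_id": "p-9", "is_admin": True}
SERVER = {"user_id": "u-123", "project_id": "p-1"}

# Assumption: suspend passes the server's user_id in the target, resume does not.
SUSPEND_TARGET = {"user_id": SERVER["user_id"], "project_id": SERVER["project_id"]}
RESUME_TARGET = {"project_id": SERVER["project_id"]}
```

With identical rule strings, the outcome differs only because of what each handler places in the target, which is why the inconsistency cannot be fixed from the policy file alone.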