[API] Endpoint to create policies

[Martouta]

Fixes THREESCALE-1910 - API Endpoint to create policies

Specific tasks

I recommend looking at it commit by commit.

• Create policies table in the database containing the attributes as we agreed and belonging to an account:
  
• Create the first Policy representer to respond with this data created above (not the final response data of the request, but step by step 😄 ). This also implies creating the model and making the association between Account and Policy.
• API endpoint to create policies. Happy path working and tested. Errors not done or tested yet.
• Validate uniqueness of provider+name+version and test that the API request responds with the proper error.
• Update Policy tenant_id with triggers and update the rake for "update all the current DB data for tenant_id".
• ApiDocs documentation. First version, corresponding to [API] Endpoint to create policies #593 (comment) .
• Validate presence of name, version, account_id, and schema.
• Create a new scope for policy_registry and authenticate with this scope.
• Validate that the account is a tenant + Validate the json of schema using this manifest: https://github.com/3scale/apicast/blob/c3e431df20f65686798d1e67d8c4e9f568ef9c08/gateway/src/apicast/policy/manifest-schema.json
  An example of this json would be: https://github.com/3scale/apicast/blob/master/gateway/src/apicast/policy/upstream/apicast-policy.json
• Rolling update to enable this because this will be deployed in SaaS 1st. Disabled for master.
• Respond the data with the same format of what is being returned in:
  

  porta/app/controllers/admin/api/policies_controller.rb

  Lines 20 to 26 in 587505f

  	def index
  	policies = Policies::PoliciesListService.call
  	respond_to do |format|
  	format.json { render json: policies }
  	end
  	end

[codecov]

Codecov Report

Merging #593 into master will decrease coverage by <.01%.
The diff coverage is 100%.

@@            Coverage Diff             @@
##           master     #593      +/-   ##
==========================================
- Coverage   92.74%   92.74%   -0.01%     
==========================================
  Files        2355     2357       +2     
  Lines       76244    76239       -5     
==========================================
- Hits        70710    70705       -5     
  Misses       5534     5534

Impacted Files	Coverage Δ
...ion/admin/api/registry/policies_controller_test.rb	100% <100%> (ø)
...trollers/admin/api/registry/policies_controller.rb	100% <100%> (ø)
config/routes.rb	98% <100%> (ø)	⬆️
app/indices/account_index.rb	94.11% <0%> (-0.33%)	⬇️
test/unit/account/search_test.rb	100% <0%> (ø)	⬆️
spec/acceptance/api/user_spec.rb
spec/acceptance/api/feature_spec.rb	100% <0%> (ø)

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 7017a79...5b76347. Read the comment docs.

[codecov]

Codecov Report

Merging #593 into master will increase coverage by 0.03%.
The diff coverage is 99.08%.

@@            Coverage Diff             @@
##           master     #593      +/-   ##
==========================================
+ Coverage   92.75%   92.78%   +0.03%     
==========================================
  Files        2355     2367      +12     
  Lines       76299    76668     +369     
==========================================
+ Hits        70768    71137     +369     
  Misses       5531     5531

Impacted Files	Coverage Δ
...rollers/admin/api/member_permissions_controller.rb	95% <ø> (ø)	⬆️
...ers/admin/api/personal/access_tokens_controller.rb	100% <ø> (ø)	⬆️
app/lib/three_scale/policies/specification.rb	100% <100%> (ø)
...ion/admin/api/registry/policies_controller_test.rb	100% <100%> (ø)
test/unit/member_permission_test.rb	100% <100%> (ø)	⬆️
app/models/account/provider_methods.rb	91.06% <100%> (+0.05%)	⬆️
config/abilities/provider_any.rb	100% <100%> (ø)	⬆️
app/models/admin_section.rb	100% <100%> (ø)	⬆️
test/unit/admin_section_test.rb	100% <100%> (ø)	⬆️
config/routes.rb	98% <100%> (ø)	⬆️
... and 34 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update b08ec3f...5742226. Read the comment docs.

[Martouta]

[OUTDATED]

So far I've done this:

Request: curl -v -X POST "http://provider-admin.example.com.lvh.me:3000/admin/api/registry/policies.json" -d 'access_token=f46d02db1502511135bd11e54fad2505c40877236c24f23369b667a24c3bf7d9&name=example+name&version=example+version&schema=%7Bexample%3A+'Example+without+validating+the+JSON+at+this+point'%7D'
Response:

{
 "policy": {
  "id": 1,
  "name": "example name",
  "version": "example version",
  "schema": "{example: 'Example without validating the JSON at this point'}",
  "created_at": "2019-02-13T14:11:57Z",
  "updated_at": "2019-02-13T14:11:57Z"
 }
}

[josemigallas]

PolicyRegistry actions would be more accurate, since the component it refers to the component.

[guicassolato]

I don't get what you mean by

the component it refers to the component.

"Policies Registry" was an attempt to make it clear it is about a registry of possible multiple custom policies, as opposed to a single policy registry. Even though "Policies Registry" is not grammatically incorrect AFAIK, it's probably a good thing to keep it "Policy Registry" as you said for consistency with other (most) API endpoints that also describe actions on collections of records.

Currently most of the API endpoints are in the form "Item Collection" (singular-singular), such as "Invoice List" instead of "Invoices List". Although we do have exceptions already, like "Account Features List" (plural-singular). The current endpoint to fetch APIcast policies spells it "APIcast Policies Registry" (plural-singular). I think I'll have to change that too.

[guicassolato]

Should we also change the name of the rolling update and the name of the member permission section?

cc @josemigallas @hallelujah @secretsurf @thomasmaas

[didierofrivia]

It feels that we might want to refactor at some point to keep consistency.

[guicassolato]

Changed everything to "policy registry", including the title of the already existing API endpoint
"APIcast Policies Registry" (now "APIcast Policy Registry")

[josemigallas]

Variables in JS are named in cammelCase. Otherwise LGTM.

#593 (comment)

[hallelujah]

Looks good
There are some things that could be refactored but minor