Add deletecollection verb to admin/edit roles

openshift · Feb 17, 2016 · a685817 · a685817
1 parent 4db577d
commit a685817
Show file tree

Hide file tree

Showing 3 changed files with 23 additions and 11 deletions.
diff --git a/pkg/cmd/server/bootstrappolicy/policy.go b/pkg/cmd/server/bootstrappolicy/policy.go
@@ -100,12 +100,12 @@ func GetBootstrapClusterRoles() []authorizationapi.ClusterRole {
 			},
 			Rules: []authorizationapi.PolicyRule{
 				{
-					Verbs:     sets.NewString("get", "list", "watch", "create", "update", "patch", "delete"),
+					Verbs:     sets.NewString("get", "list", "watch", "create", "update", "patch", "delete", "deletecollection"),
 					Resources: sets.NewString(authorizationapi.OpenshiftExposedGroupName, authorizationapi.PermissionGrantingGroupName, authorizationapi.KubeExposedGroupName, "projects", "secrets", "pods/attach", "pods/proxy", "pods/exec", "pods/portforward", authorizationapi.DockerBuildResource, authorizationapi.SourceBuildResource, authorizationapi.CustomBuildResource, "deploymentconfigs/scale"),
 				},
 				{
 					APIGroups: []string{authorizationapi.APIGroupExtensions},
-					Verbs:     sets.NewString("get", "list", "watch", "create", "update", "patch", "delete"),
+					Verbs:     sets.NewString("get", "list", "watch", "create", "update", "patch", "delete", "deletecollection"),
 					Resources: sets.NewString("daemonsets", "jobs", "horizontalpodautoscalers", "replicationcontrollers/scale"),
 				},
 				{
@@ -130,12 +130,12 @@ func GetBootstrapClusterRoles() []authorizationapi.ClusterRole {
 			},
 			Rules: []authorizationapi.PolicyRule{
 				{
-					Verbs:     sets.NewString("get", "list", "watch", "create", "update", "patch", "delete"),
+					Verbs:     sets.NewString("get", "list", "watch", "create", "update", "patch", "delete", "deletecollection"),
 					Resources: sets.NewString(authorizationapi.OpenshiftExposedGroupName, authorizationapi.KubeExposedGroupName, "secrets", "pods/attach", "pods/proxy", "pods/exec", "pods/portforward", authorizationapi.DockerBuildResource, authorizationapi.SourceBuildResource, authorizationapi.CustomBuildResource, "deploymentconfigs/scale"),
 				},
 				{
 					APIGroups: []string{authorizationapi.APIGroupExtensions},
-					Verbs:     sets.NewString("get", "list", "watch", "create", "update", "patch", "delete"),
+					Verbs:     sets.NewString("get", "list", "watch", "create", "update", "patch", "delete", "deletecollection"),
 					Resources: sets.NewString("daemonsets", "jobs", "horizontalpodautoscalers", "replicationcontrollers/scale"),
 				},
 				{

diff --git a/pkg/cmd/server/bootstrappolicy/policy_test.go b/pkg/cmd/server/bootstrappolicy/policy_test.go
@@ -1,8 +1,8 @@
 package bootstrappolicy_test
 
 import (
-	"fmt"
 	"io/ioutil"
+	"os"
 	"path/filepath"
 	"testing"
 
@@ -75,11 +75,19 @@ func testObjects(t *testing.T, list *api.List, fixtureFilename string) {
 		t.Fatal(err)
 	}
 	if string(yamlData) != string(expectedYAML) {
-		fmt.Println("Bootstrap policy data does not match the test fixture in " + filename)
-		fmt.Println("If the change is expected, update the fixture with this bootstrap policy data:")
-		fmt.Println("-----------------------------------")
-		fmt.Println(string(yamlData))
-		fmt.Println("-----------------------------------")
-		t.Errorf("Diff between bootstrap data and fixture data in %s:\n-------------\n%s", filename, util.StringDiff(string(yamlData), string(expectedYAML)))
+		t.Errorf("Bootstrap policy data does not match the test fixture in %s", filename)
+
+		const updateEnvVar = "UPDATE_BOOTSTRAP_POLICY_FIXTURE_DATA"
+		if os.Getenv(updateEnvVar) == "true" {
+			if err := ioutil.WriteFile(filename, []byte(yamlData), os.FileMode(0755)); err == nil {
+				t.Logf("Updated data in %s", filename)
+				t.Logf("Verify the diff, commit changes, and rerun the tests")
+			} else {
+				t.Logf("Could not update data in %s: %v", filename, err)
+			}
+		} else {
+			t.Logf("Diff between bootstrap data and fixture data in %s:\n-------------\n%s", filename, util.StringDiff(string(yamlData), string(expectedYAML)))
+			t.Logf("If the change is expected, re-run with %s=true to update the fixtures", updateEnvVar)
+		}
 	}
 }
diff --git a/test/fixtures/bootstrappolicy/bootstrap_cluster_roles.yaml b/test/fixtures/bootstrappolicy/bootstrap_cluster_roles.yaml
@@ -196,6 +196,7 @@ items:
     verbs:
     - create
     - delete
+    - deletecollection
     - get
     - list
     - patch
@@ -212,6 +213,7 @@ items:
     verbs:
     - create
     - delete
+    - deletecollection
     - get
     - list
     - patch
@@ -312,6 +314,7 @@ items:
     verbs:
     - create
     - delete
+    - deletecollection
     - get
     - list
     - patch
@@ -328,6 +331,7 @@ items:
     verbs:
     - create
     - delete
+    - deletecollection
     - get
     - list
     - patch