From 794314789581c228daddf3106c7eefae7b204057 Mon Sep 17 00:00:00 2001
From: Kevin_Zheng <zhengzhenyu@huawei.com>
Date: Fri, 24 Mar 2017 16:27:32 +0800
Subject: [PATCH] Add description to policies in server_groups.py

Add description to policies in server_groups.py
This patch also fix a typo in server_groups.py

blueprint policy-docs

Change-Id: I3abe1cfcddae1f68927450edeee0e743ddbe696a
---
 nova/api/openstack/compute/server_groups.py |  2 +-
 nova/policies/server_groups.py              | 57 ++++++++++++++++-----
 2 files changed, 46 insertions(+), 13 deletions(-)

diff --git a/nova/api/openstack/compute/server_groups.py b/nova/api/openstack/compute/server_groups.py
index 412912288c..27e14161a5 100644
--- a/nova/api/openstack/compute/server_groups.py
+++ b/nova/api/openstack/compute/server_groups.py
@@ -85,7 +85,7 @@ class ServerGroupController(wsgi.Controller):
     @wsgi.response(204)
     @extensions.expected_errors(404)
     def delete(self, req, id):
-        """Delete an server group."""
+        """Delete a server group."""
         context = _authorize_context(req, 'delete')
         try:
             sg = objects.InstanceGroup.get_by_uuid(context, id)
diff --git a/nova/policies/server_groups.py b/nova/policies/server_groups.py
index bd303a627d..4edfef955e 100644
--- a/nova/policies/server_groups.py
+++ b/nova/policies/server_groups.py
@@ -27,21 +27,54 @@ server_groups_policies = [
     policy.RuleDefault(
         name=POLICY_ROOT % 'discoverable',
         check_str=base.RULE_ANY),
+    # TODO(Kevin_Zheng): remove this rule as this not used by any API
     policy.RuleDefault(
         name=BASE_POLICY_NAME,
         check_str=base.RULE_ADMIN_OR_OWNER),
-    policy.RuleDefault(
-        name=POLICY_ROOT % 'create',
-        check_str=BASE_POLICY_RULE),
-    policy.RuleDefault(
-        name=POLICY_ROOT % 'delete',
-        check_str=BASE_POLICY_RULE),
-    policy.RuleDefault(
-        name=POLICY_ROOT % 'index',
-        check_str=BASE_POLICY_RULE),
-    policy.RuleDefault(
-        name=POLICY_ROOT % 'show',
-        check_str=BASE_POLICY_RULE),
+    base.create_rule_default(
+        POLICY_ROOT % 'create',
+        BASE_POLICY_RULE,
+        "Create a new server group",
+        [
+            {
+                'path': '/os-server-groups',
+                'method': 'POST'
+            }
+        ]
+    ),
+    base.create_rule_default(
+        POLICY_ROOT % 'delete',
+        BASE_POLICY_RULE,
+        "Delete a server group",
+        [
+            {
+                'path': '/os-server-groups/{server_group_id}',
+                'method': 'DELETE'
+            }
+        ]
+    ),
+    base.create_rule_default(
+        POLICY_ROOT % 'index',
+        BASE_POLICY_RULE,
+        "List all server groups",
+        [
+            {
+                'path': '/os-server-groups',
+                'method': 'GET'
+            }
+        ]
+    ),
+    base.create_rule_default(
+        POLICY_ROOT % 'show',
+        BASE_POLICY_RULE,
+        "Show details of a server group",
+        [
+            {
+                'path': '/os-server-groups/{server_group_id}',
+                'method': 'GET'
+            }
+        ]
+    ),
 ]