This makes our API fixture pass roles in line with the user that
is being used. For admin_api, the admin role is included, and two
other clients are added for "reader" and "other".

Change-Id: I4aa985072103aeab50a1a3db4784081a492dcb7b

Replace the following items with Python 3 style code.

- six.moves.configparser
- six.moves.StringIO
- six.moves.cStringIO
- six.moves.urllib
- six.moves.builtins
- six.moves.range
- six.moves.xmlrpc_client
- six.moves.http_client
- six.moves.http_cookies
- six.moves.queue
- six.moves.zip
- six.moves.reload_module
- six.StringIO
- six.BytesIO

Subsequent patches will replace other six usages.

Change-Id: Ib2c406327fef2fb4868d8050fc476a7d17706e23
Implements: blueprint six-removal
Signed-off-by: Takashi Natsume <takanattie@gmail.com>

GET [1], PUT [2] and DELETE [3] os-volume_attachments APIs all take the
server and volume ids as part of the request path. This change simply
replaces any reference to attachment_id when calling these APIs from the
functional API client.

[1] https://docs.openstack.org/api-ref/compute/#show-a-detail-of-a-volume-attachment
    GET /servers/{server_id}/os-volume_attachments/{volume_id}

[2] https://docs.openstack.org/api-ref/compute/#update-a-volume-attachment
    PUT /servers/{server_id}/os-volume_attachments/{volume_id}

[3] https://docs.openstack.org/api-ref/compute/#detach-a-volume-from-an-instance
    DELETE /servers/{server_id}/os-volume_attachments/{volume_id}

Change-Id: Ie9e65c93a1abc3778094ab18f2f7916f7f2d0cb8

This adds a regression test for a bug where quota limit checking during
server creates is not properly scoped per-user when per-user quota has
been defined.

As a result, users who should be able to create a server are rejected
with a 403 "quota exceeded" error when they should be allowed to create
a server because servers owned by other users in the project are
incorrectly being counted for the current user.

Related-Bug: #1893284

Change-Id: I615ada45ffcbac081474c0a0cf005afdb8eec953

Enable support for API-based extra spec validation. Since most of the
hard work has been done in previous patches, all that's necessary here
is to wire up the microversion handling and turn things on.

Part of blueprint flavor-extra-spec-validators

Change-Id: If67f0d924ea372746a6dc440ea7bdc655e4f0bea
Signed-off-by: Stephen Finucane <sfinucan@redhat.com>

There is the List Actions For Server API already provide in [1],
but the Show Server Action Details API [2] is often used too, so
add the show instance action details api, and replace it into the
used use case.

[1]https://docs.openstack.org/api-ref/compute/?expanded=#list-actions-for-server
   https://github.com/openstack/nova/blob/stable/train/nova/tests/functional/api/client.py#L428
[2]https://docs.openstack.org/api-ref/compute/?expanded=#show-server-action-details

Change-Id: I4d02f9ab3b87d741642cbc9ac263b0dd7617ad97

In microversion 2.80, the ``GET /os-migrations`` API will have
optional ``user_id`` and ``project_id`` query parameters for
filtering migrations by user and/or project:

* GET /os-migrations?user_id=ef9d34b4-45d0-4530-871b-3fb535988394
* GET /os-migrations?project_id=011ee9f4-8f16-4c38-8633-a254d420fd54
* GET /os-migrations?user_id=ef9d34b4-45d0-4530-871b-3fb535988394&project_id=011ee9f4-8f16-4c38-8633-a254d420fd54

And expose the ``user_id`` and ``project_id`` fields in the following APIs:

* GET /os-migrations
* GET /servers/{server_id}/migrations
* GET /servers/{server_id}/migrations/{migration_id}

Co-Authored-By: Qiu Fossen <qiujunting>
Part of blueprint add-user-id-field-to-the-migrations-table
Change-Id: I7313d6cde1a5e1dc7dd6f3c0dff9f30bbf4bee2c

This rips NoAuthMiddleware completely out of functional tests by:
- Removing our override of [api]auth_strategy in ConfFixture, allowing
  it to default to ``keystone``. This causes the fake wsgi setup to go
  through the same pipeline as real API requests; so making that work
  entails...
- Mocking out the keystonecontext piece of the paste pipeline to create
  the context previously mashed (somewhat inappropriately) into
  NoAuthMiddleware. In the future we may want to mock this more
  shallowly or find a way to make the req more realistic so it needn't
  be mocked at all, but for now this is close to what the noauth2
  pipeline used to do.
- Stubbing out the keystonemiddleware piece of the paste pipeline. In
  the future we should try to use keystonemiddleware's AuthTokenFixture
  so our tests can occur in a more realistic environment, but for now
  this is just mimicking what the noauth2 pipeline used to do; except
  for...
- Removing the authentication portion of the TestOpenStackClient. This
  used to make an actual request(), which landed in NoAuthMiddleware,
  which was hacking together some headers (based, it appears, on a
  protocol which is many years out of date and no longer approximates
  what keystone does, which should be the point if it's going to exist
  at all). So now we just hack up the necessary headers inline.
- Doing the addition of project_id in request URIs in OSAPIFixture.
  This is another thing that NoAuthMiddleware was doing inappropriately
  (IRL the project_id will either be part of the request from the start,
  or it won't). It was also only doing it part of the time; as a result,
  a couple of tests requesting version documents, which were previously
  not expecting the project ID to be present, needed to be modified to
  expect it. This better reflects reality.

Change-Id: I459a605b4a9390f0e36356ca1fe432948159acd4