diff --git a/etc/neutron/policy.d/neutron-fwaas.json b/etc/neutron/policy.d/neutron-fwaas.json
index b27a5b492..eb71e2568 100644
--- a/etc/neutron/policy.d/neutron-fwaas.json
+++ b/etc/neutron/policy.d/neutron-fwaas.json
@@ -1,35 +1,61 @@
 {
     "shared_firewalls": "field:firewalls:shared=True",
     "shared_firewall_policies": "field:firewall_policies:shared=True",
+    "shared_firewall_rules": "field:firewall_rules:shared=True",
 
     "public_firewall_groups": "field:firewall_groups:public=True",
     "public_firewall_policies": "field:firewall_policies:public=True",
     "public_firewall_rules": "field:firewall_rules:public=True",
 
+
     "create_firewall": "",
-    "get_firewall": "rule:admin_or_owner",
-    "create_firewall:shared": "rule:admin_only",
-    "get_firewall:shared": "rule:admin_only",
     "update_firewall": "rule:admin_or_owner",
-    "update_firewall:shared": "rule:admin_only",
     "delete_firewall": "rule:admin_or_owner",
 
+    "create_firewall:shared": "rule:admin_only",
+    "update_firewall:shared": "rule:admin_only",
+    "delete_firewall:shared": "rule:admin_only",
+
+    "get_firewall": "rule:admin_or_owner or rule:shared_firewalls",
+
+
+    "create_firewall_group": "",
+    "update_firewall_group": "rule:admin_or_owner",
+    "delete_firewall_group": "rule:admin_or_owner",
+
+    "create_firewall_group:public": "rule:admin_only",
+    "update_firewall_group:public": "rule:admin_only",
+    "delete_firewall_group:public": "rule:admin_only",
+
+    "get_firewall_group": "rule:admin_or_owner or rule:public_firewall_groups",
+
+
     "create_firewall_policy": "",
-    "get_firewall_policy": "rule:admin_or_owner or rule:shared_firewall_policies or rule:public_firewall_policies",
-    "create_firewall_policy:shared": "rule:admin_or_owner",
     "update_firewall_policy": "rule:admin_or_owner",
     "delete_firewall_policy": "rule:admin_or_owner",
 
+    "create_firewall_policy:shared": "rule:admin_only",
+    "update_firewall_policy:shared": "rule:admin_only",
+    "delete_firewall_policy:shared": "rule:admin_only",
+
+    "create_firewall_policy:public": "rule:admin_only",
+    "update_firewall_policy:public": "rule:admin_only",
+    "delete_firewall_policy:public": "rule:admin_only",
+
+    "get_firewall_policy": "rule:admin_or_owner or rule:shared_firewall_policies or rule:public_firewall_policies",
+
+
     "create_firewall_rule": "",
-    "get_firewall_rule": "rule:admin_or_owner or rule:shared_firewall_rules or rule:public_firewall_rules",
     "update_firewall_rule": "rule:admin_or_owner",
     "delete_firewall_rule": "rule:admin_or_owner",
 
-    "create_firewall_group": "",
-    "get_firewall_group": "rule:admin_or_owner or rule:public_firewall_groups",
-    "create_firewall_group:public": "rule:admin_only",
-    "get_firewall_group:public": "rule:admin_only",
-    "update_firewall_group": "rule:admin_or_owner",
-    "update_firewall_group:public": "rule:admin_only",
-    "delete_firewall_group": "rule:admin_or_owner"
+    "create_firewall_rule:shared": "rule:admin_only",
+    "update_firewall_rule:shared": "rule:admin_only",
+    "delete_firewall_rule:shared": "rule:admin_only",
+
+    "create_firewall_rule:public": "rule:admin_only",
+    "update_firewall_rule:public": "rule:admin_only",
+    "delete_firewall_rule:public": "rule:admin_only",
+
+    "get_firewall_rule": "rule:admin_or_owner or rule:shared_firewall_rules or rule:public_firewall_rules"
 }
diff --git a/neutron_fwaas/tests/base.py b/neutron_fwaas/tests/base.py
index 8932d192b..ba95377a8 100644
--- a/neutron_fwaas/tests/base.py
+++ b/neutron_fwaas/tests/base.py
@@ -14,6 +14,9 @@
 #    under the License.
 #
 
+import os
+
+from neutron.common import test_lib
 from neutron.tests import base as n_base
 from neutron.tests.unit.db import test_db_base_plugin_v2 as test_db_plugin
 
@@ -23,4 +26,19 @@ class BaseTestCase(n_base.BaseTestCase):
 
 
 class NeutronDbPluginV2TestCase(test_db_plugin.NeutronDbPluginV2TestCase):
-    pass
+
+    def setup_config(self):
+        ## Copied from neutron's test_db_base_plugin_v2 because they
+        ## don't allow to specify args
+
+        # Create the default configurations
+        args = ['--config-file', n_base.etcdir('neutron.conf')]
+        # If test_config specifies some config-file, use it, as well
+        for config_file in test_lib.test_config.get('config_files', []):
+            args.extend(['--config-file', config_file])
+
+        ## our own stuff
+        dirpath = os.path.join(os.path.dirname(__file__),
+                            './../../etc/neutron/policy.d')
+        args.extend(['--config-dir', dirpath])
+        self.config_parse(args=args)
diff --git a/neutron_fwaas/tests/tempest_plugin/tests/api/test_fwaas_extensions.py b/neutron_fwaas/tests/tempest_plugin/tests/api/test_fwaas_extensions.py
index f1c52408f..89defa2a5 100644
--- a/neutron_fwaas/tests/tempest_plugin/tests/api/test_fwaas_extensions.py
+++ b/neutron_fwaas/tests/tempest_plugin/tests/api/test_fwaas_extensions.py
@@ -135,8 +135,8 @@ class FWaaSExtensionTestJSON(base.BaseFWaaSTest):
 
         # Update firewall rule
         body = self.firewall_rules_client.update_firewall_rule(fw_rule_id,
-                                                               shared=True)
-        self.assertTrue(body["firewall_rule"]['shared'])
+                                                               action="deny")
+        self.assertEqual("deny", body["firewall_rule"]['action'])
 
         # Delete firewall rule
         self.firewall_rules_client.delete_firewall_rule(fw_rule_id)
@@ -178,10 +178,8 @@ class FWaaSExtensionTestJSON(base.BaseFWaaSTest):
         # Update firewall policy
         body = self.firewall_policies_client.update_firewall_policy(
             fw_policy_id,
-            shared=True,
             name="updated_policy")
         updated_fw_policy = body["firewall_policy"]
-        self.assertTrue(updated_fw_policy['shared'])
         self.assertEqual("updated_policy", updated_fw_policy['name'])
 
         # Delete firewall policy
diff --git a/neutron_fwaas/tests/tempest_plugin/tests/api/test_fwaasv2_extensions.py b/neutron_fwaas/tests/tempest_plugin/tests/api/test_fwaasv2_extensions.py
index 482f7bd19..3733a259f 100644
--- a/neutron_fwaas/tests/tempest_plugin/tests/api/test_fwaasv2_extensions.py
+++ b/neutron_fwaas/tests/tempest_plugin/tests/api/test_fwaasv2_extensions.py
@@ -176,8 +176,8 @@ class FWaaSv2ExtensionTestJSON(v2_base.BaseFWaaSTest):
 
         # Update firewall rule
         body = self.firewall_rules_client.update_firewall_rule(fw_rule_id,
-                                                               public=True)
-        self.assertTrue(body["firewall_rule"]['public'])
+                                                               action="deny")
+        self.assertEqual("deny", body["firewall_rule"]['action'])
 
         # Delete firewall rule
         self.firewall_rules_client.delete_firewall_rule(fw_rule_id)
@@ -216,10 +216,8 @@ class FWaaSv2ExtensionTestJSON(v2_base.BaseFWaaSTest):
         # Update firewall policy
         body = self.firewall_policies_client.update_firewall_policy(
             fw_policy_id,
-            public=True,
             name="updated_policy")
         updated_fw_policy = body["firewall_policy"]
-        self.assertTrue(updated_fw_policy['public'])
         self.assertEqual("updated_policy", updated_fw_policy['name'])
 
         # Delete firewall policy
diff --git a/tools/check_unit_test_structure.sh b/tools/check_unit_test_structure.sh
index 10af9dd4a..4e6d58d9f 100755
--- a/tools/check_unit_test_structure.sh
+++ b/tools/check_unit_test_structure.sh
@@ -11,7 +11,8 @@ test_path=$neutron_path/$base_test_path
 test_files=$(find ${test_path} -iname 'test_*.py')
 
 ignore_regexes=(
-    "^plugins.*$"
+    "^plugins.*$",
+    "^misc.*$"
 )
 
 error_count=0