Add Name restrictions in ContainerValidator

Though user can add a secret to container without a human-friendly name, we'd better to assure the name is valid when user specify. Change-Id: Icc24429bb6982268b6a23f11c65313e5ea6b31c8
2016-01-11 17:19:58 +08:00 · 2016-01-11 17:19:58 +08:00 · 112036419d
commit 112036419d
parent 7adaba348f
2 changed files with 24 additions and 0 deletions
--- a/barbican/common/validators.py
+++ b/barbican/common/validators.py
@ -696,6 +696,9 @@ class ContainerValidator(ValidatorBase):
                        "type": "object",
                        "required": ["secret_ref"],
                        "properties": {
+                            "name": {
+                                "type": ["string", "null"], "maxLength": 255
+                            },
                            "secret_ref": {"type": "string", "minLength": 1}
                        }
                    }
--- a/barbican/tests/common/test_validators.py
+++ b/barbican/tests/common/test_validators.py
@ -628,6 +628,27 @@ class WhenTestingContainerValidator(utils.BaseTestCase):
        self.assertEqual('name', exception.invalid_property)
        self.assertIn('name', exception.message)

+    def test_should_raise_nonstring_secret_name(self):
+        self.secret_refs[0]["name"] = 5
+
+        exception = self.assertRaises(
+            excep.InvalidObject,
+            self.validator.validate,
+            self.container_req,
+        )
+
+        self.assertEqual('secret_refs', exception.invalid_property)
+
+    def test_should_raise_secret_name_too_long(self):
+        self.secret_refs[0]['name'] = 'a' * 256
+
+        exception = self.assertRaises(
+            excep.InvalidObject,
+            self.validator.validate,
+            self.container_req,
+        )
+        self.assertEqual('secret_refs', exception.invalid_property)
+
    def test_should_raise_numeric_name(self):
        self.container_req['name'] = 123