Merge "Fix http 500 when no accept header passed to secret GET /payload"

2015-06-09 20:48:21 +00:00
parent 123bb31138 d0349286e7
commit 42d2b7f43a
3 changed files with 58 additions and 2 deletions
--- a/barbican/api/controllers/secrets.py
+++ b/barbican/api/controllers/secrets.py
@ -127,7 +127,10 @@ class SecretController(controllers.ACLMixin):
        external_project_id = secret.project_assocs[0].projects.external_id
        project = res.get_or_create_project(external_project_id)

-        pecan.override_template('', pecan.request.accept.header_value)
+        # default to application/octet-stream if there is no Accept header
+        accept_header = getattr(pecan.request.accept, 'header_value',
+                                'application/octet-stream')
+        pecan.override_template('', accept_header)

        twsk = kwargs.get('trans_wrapped_session_key', None)
        transport_key = None
@ -136,7 +139,7 @@ class SecretController(controllers.ACLMixin):
            transport_key = self._get_transport_key(
                kwargs.get('transport_key_id', None))

-        return plugin.get_secret(pecan.request.accept.header_value,
+        return plugin.get_secret(accept_header,
                                 secret,
                                 project,
                                 twsk,
--- a/barbican/tests/api/controllers/test_secrets.py
+++ b/barbican/tests/api/controllers/test_secrets.py
@ -280,6 +280,40 @@ class WhenGettingPuttingOrDeletingSecret(utils.BarbicanAPIBaseTestCase):
        self.assertEqual(200, get_resp.status_int)
        self.assertEqual(payload, get_resp.body)

+    def test_get_secret_payload_with_blank_accept_header(self):
+        payload = 'a very interesting string'
+        resp, secret_uuid = create_secret(
+            self.app,
+            payload=payload,
+            content_type='text/plain'
+        )
+
+        self.assertEqual(201, resp.status_int)
+
+        headers = {'Accept': ''}
+        get_resp = self.app.get(
+            '/secrets/{0}/payload'.format(secret_uuid), headers=headers
+        )
+        self.assertEqual(200, get_resp.status_int)
+        self.assertEqual(payload, get_resp.body)
+
+    def test_get_secret_payload_with_no_accept_header(self):
+        payload = 'a very interesting string'
+        resp, secret_uuid = create_secret(
+            self.app,
+            payload=payload,
+            content_type='text/plain'
+        )
+
+        self.assertEqual(201, resp.status_int)
+
+        headers = {}
+        get_resp = self.app.get(
+            '/secrets/{0}/payload'.format(secret_uuid), headers=headers
+        )
+        self.assertEqual(200, get_resp.status_int)
+        self.assertEqual(payload, get_resp.body)
+
    def test_get_secret_is_decoded_for_binary(self):
        payload = 'a123'
        resp, secret_uuid = create_secret(
--- a/functionaltests/api/v1/functional/test_secrets.py
+++ b/functionaltests/api/v1/functional/test_secrets.py
@ -180,6 +180,25 @@ class SecretsTestCase(base.TestCase):
        resp = self.behaviors.get_secret_metadata('not_a_uuid')
        self.assertEqual(resp.status_code, 404)

+    @testcase.attr('positive')
+    def test_secret_get_payload_no_accept_header(self):
+        """GET a secret payload, do not pass in accept header.
+
+        Should return a 200.
+        """
+        test_model = secret_models.SecretModel(
+            **self.default_secret_create_data)
+
+        resp, secret_ref = self.behaviors.create_secret(test_model)
+        self.assertEqual(resp.status_code, 201)
+
+        get_resp = self.behaviors.get_secret(
+            secret_ref,
+            payload_content_type='')
+        self.assertEqual(get_resp.status_code, 200)
+        self.assertIn(test_model.payload,
+                      binascii.b2a_base64(get_resp.content))
+
    @testcase.attr('negative')
    def test_secret_delete_doesnt_exist(self):
        """DELETE a non-existent secret.