Throw 405 when specified method not allowed in Secret Metadatum

This patch resolves a bug where a 404 was being thrown instead of
a 405, when an invalid method was performed. It was because
pecan index() can't handle fallback when a method consumes
additional arguments.

Change-Id: I8daddba238a977baa6d0366b2412b626df247d8e
Closes-Bug: #1554350
changes/65/290765/4
Fernando Diaz 7 years ago
parent 032da9612a
commit 6f97d23ce7
  1. 11
      barbican/api/controllers/secrets.py
  2. 17
      barbican/tests/api/controllers/test_secretmeta.py

@ -78,8 +78,15 @@ class SecretController(controllers.ACLMixin):
return secretmeta.SecretMetadataController(self.secret), \
remainder
else:
return secretmeta.SecretMetadatumController(self.secret), \
remainder
request_method = pecan.request.method
allowed_methods = ['GET', 'PUT', 'DELETE']
if request_method in allowed_methods:
return secretmeta.SecretMetadatumController(self.secret), \
remainder
else:
# methods cannot be handled at controller level
pecan.abort(405)
else:
# only 'acl' and 'metadata' as sub-resource is supported
pecan.abort(405)

@ -1,4 +1,4 @@
# Copyright (c) 2016 IBM
# Copyright (c) 2017 IBM
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@ -255,6 +255,21 @@ class WhenTestingSecretMetadatumResource(utils.BarbicanAPIBaseTestCase):
expect_errors=True)
self.assertEqual(405, resp.status_int)
@mock.patch('barbican.model.repositories.SecretUserMetadatumRepo.'
'get_metadata_for_secret')
def test_returns_405_for_head_on_metadatum(self, mocked_get):
secret_id, secret_resp = create_secret(self.app)
mocked_get.return_value = self.valid_metadata['metadata']
meta_resp = create_secret_metadatum(self.app,
self.valid_metadatum,
secret_id)
self.assertEqual(201, meta_resp.status_int)
resp = self.app.head('/secrets/{0}/metadata/access-limit'.format(
secret_id), expect_errors=True)
self.assertEqual(405, resp.status_int)
# ----------------------- Helper Functions ---------------------------
def create_secret(app, name=None, algorithm=None, bit_length=None, mode=None,

Loading…
Cancel
Save