openstack/deb-murano
Code Issues Proposed changes

Missing validation for environment name in API

Browse Source 
Add environment name validation to API so that when names are entered
by user via the murano client CLI they get validated in the same way
they do via the murano dashboard UI, i.e., name must contain only
alphanumeric or "_-." characters, must start with alpha. If not valid,
raise an exception with a 400 error.

Change-Id: Ib125e017acbdd6b6881ec705763c17170b80e44b
Closes-Bug: 1373045
This commit is contained in:
Brian Tully 2014-09-25 16:39:54 -04:00 committed by Ruslan Kamaldinov
parent 387d309b4a
commit a55b8427a8
2 changed files with 45 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
murano/api/v1/environments.py
View File

@ -12,6 +12,8 @@
# License for the specific language governing permissions and limitations
# under the License.
import re
from oslo.db import exception as db_exc
from sqlalchemy import desc
from webob import exc
@ -33,6 +35,8 @@ LOG = logging.getLogger(__name__)
API_NAME = 'Environments'
VALID_NAME_REGEX = re.compile('^[a-zA-Z]+[\w-]*$')
class Controller(object):
@request_statistics.stats_count(API_NAME, 'Index')
@ -51,15 +55,22 @@ class Controller(object):
def create(self, request, body):
LOG.debug('Environments:Create <Body {0}>'.format(body))
policy.check('create_environment', request.context)
try:
environment = envs.EnvironmentServices.create(
body.copy(),
request.context.tenant)
except db_exc.DBDuplicateEntry:
msg = _('Environment with specified name already exists')
LOG.debug('ENV NAME: {0}>'.format(body['name']))
if VALID_NAME_REGEX.match(str(body['name'])):
try:
environment = envs.EnvironmentServices.create(
body.copy(),
request.context.tenant)
except db_exc.DBDuplicateEntry:
msg = _('Environment with specified name already exists')
LOG.exception(msg)
raise exc.HTTPConflict(msg)
else:
msg = _('Environment name must contain only alphanumeric '
'or "_-." characters, must start with alpha')
LOG.exception(msg)
raise exc.HTTPConflict(msg)
raise exc.HTTPClientError(msg)
return environment.to_dict()
@request_statistics.stats_count(API_NAME, 'Show')
@ -114,8 +125,15 @@ class Controller(object):
'this tenant resources.'))
raise exc.HTTPUnauthorized
environment.update(body)
environment.save(session)
LOG.debug('ENV NAME: {0}>'.format(body['name']))
if VALID_NAME_REGEX.match(str(body['name'])):
environment.update(body)
environment.save(session)
else:
msg = _('Environment name must contain only alphanumeric '
'or "_-." characters, must start with alpha')
LOG.exception(msg)
raise exc.HTTPClientError(msg)
return environment.to_dict()

20
murano/tests/unit/api/v1/test_environments.py
View File

@ -89,6 +89,20 @@ class TestEnvironmentApi(tb.ControllerTest, tb.MuranoApiTestCase):
self.assertEqual(expected, json.loads(result.body))
self.assertEqual(3, mock_uuid.call_count)
def test_illegal_environment_name_create(self):
"""Check that an illegal env name results in an HTTPClientError."""
self._set_policy_rules(
{'list_environments': '@',
'create_environment': '@',
'show_environment': '@'}
)
self.expect_policy_check('create_environment')
body = {'name': 'my+#env'}
req = self._post('/environments', json.dumps(body))
result = req.get_response(self.api)
self.assertEqual(400, result.status_code)
def test_missing_environment(self):
"""Check that a missing environment results in an HTTPNotFound."""
self._set_policy_rules(
@ -125,7 +139,7 @@ class TestEnvironmentApi(tb.ControllerTest, tb.MuranoApiTestCase):
'Objects': {
'?': {'id': '12345'}
},
'Attributes': {}
'Attributes': []
}
)
e = models.Environment(**expected)
@ -137,11 +151,11 @@ class TestEnvironmentApi(tb.ControllerTest, tb.MuranoApiTestCase):
del expected['description']
expected['services'] = []
expected['status'] = 'ready'
expected['name'] = 'renamed env'
expected['name'] = 'renamed_env'
expected['updated'] = fake_now
body = {
'name': 'renamed env'
'name': 'renamed_env'
}
req = self._put('/environments/12345', json.dumps(body))
result = req.get_response(self.api)