Missing validation for environment name in API

Add environment name validation to API so that when names are entered
by user via the murano client CLI they get validated in the same way
they do via the murano dashboard UI, i.e., name must contain only
alphanumeric or "_-." characters, must start with alpha. If not valid,
raise an exception with a 400 error.

Change-Id: Ib125e017acbdd6b6881ec705763c17170b80e44b
Closes-Bug: 1373045
This commit is contained in:
Brian Tully 2014-09-25 16:39:54 -04:00 committed by Ruslan Kamaldinov
parent 387d309b4a
commit a55b8427a8
2 changed files with 45 additions and 13 deletions

View File

@ -12,6 +12,8 @@
# License for the specific language governing permissions and limitations # License for the specific language governing permissions and limitations
# under the License. # under the License.
import re
from oslo.db import exception as db_exc from oslo.db import exception as db_exc
from sqlalchemy import desc from sqlalchemy import desc
from webob import exc from webob import exc
@ -33,6 +35,8 @@ LOG = logging.getLogger(__name__)
API_NAME = 'Environments' API_NAME = 'Environments'
VALID_NAME_REGEX = re.compile('^[a-zA-Z]+[\w-]*$')
class Controller(object): class Controller(object):
@request_statistics.stats_count(API_NAME, 'Index') @request_statistics.stats_count(API_NAME, 'Index')
@ -51,7 +55,8 @@ class Controller(object):
def create(self, request, body): def create(self, request, body):
LOG.debug('Environments:Create <Body {0}>'.format(body)) LOG.debug('Environments:Create <Body {0}>'.format(body))
policy.check('create_environment', request.context) policy.check('create_environment', request.context)
LOG.debug('ENV NAME: {0}>'.format(body['name']))
if VALID_NAME_REGEX.match(str(body['name'])):
try: try:
environment = envs.EnvironmentServices.create( environment = envs.EnvironmentServices.create(
body.copy(), body.copy(),
@ -60,6 +65,12 @@ class Controller(object):
msg = _('Environment with specified name already exists') msg = _('Environment with specified name already exists')
LOG.exception(msg) LOG.exception(msg)
raise exc.HTTPConflict(msg) raise exc.HTTPConflict(msg)
else:
msg = _('Environment name must contain only alphanumeric '
'or "_-." characters, must start with alpha')
LOG.exception(msg)
raise exc.HTTPClientError(msg)
return environment.to_dict() return environment.to_dict()
@request_statistics.stats_count(API_NAME, 'Show') @request_statistics.stats_count(API_NAME, 'Show')
@ -114,8 +125,15 @@ class Controller(object):
'this tenant resources.')) 'this tenant resources.'))
raise exc.HTTPUnauthorized raise exc.HTTPUnauthorized
LOG.debug('ENV NAME: {0}>'.format(body['name']))
if VALID_NAME_REGEX.match(str(body['name'])):
environment.update(body) environment.update(body)
environment.save(session) environment.save(session)
else:
msg = _('Environment name must contain only alphanumeric '
'or "_-." characters, must start with alpha')
LOG.exception(msg)
raise exc.HTTPClientError(msg)
return environment.to_dict() return environment.to_dict()

View File

@ -89,6 +89,20 @@ class TestEnvironmentApi(tb.ControllerTest, tb.MuranoApiTestCase):
self.assertEqual(expected, json.loads(result.body)) self.assertEqual(expected, json.loads(result.body))
self.assertEqual(3, mock_uuid.call_count) self.assertEqual(3, mock_uuid.call_count)
def test_illegal_environment_name_create(self):
"""Check that an illegal env name results in an HTTPClientError."""
self._set_policy_rules(
{'list_environments': '@',
'create_environment': '@',
'show_environment': '@'}
)
self.expect_policy_check('create_environment')
body = {'name': 'my+#env'}
req = self._post('/environments', json.dumps(body))
result = req.get_response(self.api)
self.assertEqual(400, result.status_code)
def test_missing_environment(self): def test_missing_environment(self):
"""Check that a missing environment results in an HTTPNotFound.""" """Check that a missing environment results in an HTTPNotFound."""
self._set_policy_rules( self._set_policy_rules(
@ -125,7 +139,7 @@ class TestEnvironmentApi(tb.ControllerTest, tb.MuranoApiTestCase):
'Objects': { 'Objects': {
'?': {'id': '12345'} '?': {'id': '12345'}
}, },
'Attributes': {} 'Attributes': []
} }
) )
e = models.Environment(**expected) e = models.Environment(**expected)
@ -137,11 +151,11 @@ class TestEnvironmentApi(tb.ControllerTest, tb.MuranoApiTestCase):
del expected['description'] del expected['description']
expected['services'] = [] expected['services'] = []
expected['status'] = 'ready' expected['status'] = 'ready'
expected['name'] = 'renamed env' expected['name'] = 'renamed_env'
expected['updated'] = fake_now expected['updated'] = fake_now
body = { body = {
'name': 'renamed env' 'name': 'renamed_env'
} }
req = self._put('/environments/12345', json.dumps(body)) req = self._put('/environments/12345', json.dumps(body))
result = req.get_response(self.api) result = req.get_response(self.api)