Missing validation for environment name in API
Add environment name validation to API so that when names are entered by user via the murano client CLI they get validated in the same way they do via the murano dashboard UI, i.e., name must contain only alphanumeric or "_-." characters, must start with alpha. If not valid, raise an exception with a 400 error. Change-Id: Ib125e017acbdd6b6881ec705763c17170b80e44b Closes-Bug: 1373045
This commit is contained in:
parent
387d309b4a
commit
a55b8427a8
@ -12,6 +12,8 @@
|
|||||||
# License for the specific language governing permissions and limitations
|
# License for the specific language governing permissions and limitations
|
||||||
# under the License.
|
# under the License.
|
||||||
|
|
||||||
|
import re
|
||||||
|
|
||||||
from oslo.db import exception as db_exc
|
from oslo.db import exception as db_exc
|
||||||
from sqlalchemy import desc
|
from sqlalchemy import desc
|
||||||
from webob import exc
|
from webob import exc
|
||||||
@ -33,6 +35,8 @@ LOG = logging.getLogger(__name__)
|
|||||||
|
|
||||||
API_NAME = 'Environments'
|
API_NAME = 'Environments'
|
||||||
|
|
||||||
|
VALID_NAME_REGEX = re.compile('^[a-zA-Z]+[\w-]*$')
|
||||||
|
|
||||||
|
|
||||||
class Controller(object):
|
class Controller(object):
|
||||||
@request_statistics.stats_count(API_NAME, 'Index')
|
@request_statistics.stats_count(API_NAME, 'Index')
|
||||||
@ -51,15 +55,22 @@ class Controller(object):
|
|||||||
def create(self, request, body):
|
def create(self, request, body):
|
||||||
LOG.debug('Environments:Create <Body {0}>'.format(body))
|
LOG.debug('Environments:Create <Body {0}>'.format(body))
|
||||||
policy.check('create_environment', request.context)
|
policy.check('create_environment', request.context)
|
||||||
|
LOG.debug('ENV NAME: {0}>'.format(body['name']))
|
||||||
try:
|
if VALID_NAME_REGEX.match(str(body['name'])):
|
||||||
environment = envs.EnvironmentServices.create(
|
try:
|
||||||
body.copy(),
|
environment = envs.EnvironmentServices.create(
|
||||||
request.context.tenant)
|
body.copy(),
|
||||||
except db_exc.DBDuplicateEntry:
|
request.context.tenant)
|
||||||
msg = _('Environment with specified name already exists')
|
except db_exc.DBDuplicateEntry:
|
||||||
|
msg = _('Environment with specified name already exists')
|
||||||
|
LOG.exception(msg)
|
||||||
|
raise exc.HTTPConflict(msg)
|
||||||
|
else:
|
||||||
|
msg = _('Environment name must contain only alphanumeric '
|
||||||
|
'or "_-." characters, must start with alpha')
|
||||||
LOG.exception(msg)
|
LOG.exception(msg)
|
||||||
raise exc.HTTPConflict(msg)
|
raise exc.HTTPClientError(msg)
|
||||||
|
|
||||||
return environment.to_dict()
|
return environment.to_dict()
|
||||||
|
|
||||||
@request_statistics.stats_count(API_NAME, 'Show')
|
@request_statistics.stats_count(API_NAME, 'Show')
|
||||||
@ -114,8 +125,15 @@ class Controller(object):
|
|||||||
'this tenant resources.'))
|
'this tenant resources.'))
|
||||||
raise exc.HTTPUnauthorized
|
raise exc.HTTPUnauthorized
|
||||||
|
|
||||||
environment.update(body)
|
LOG.debug('ENV NAME: {0}>'.format(body['name']))
|
||||||
environment.save(session)
|
if VALID_NAME_REGEX.match(str(body['name'])):
|
||||||
|
environment.update(body)
|
||||||
|
environment.save(session)
|
||||||
|
else:
|
||||||
|
msg = _('Environment name must contain only alphanumeric '
|
||||||
|
'or "_-." characters, must start with alpha')
|
||||||
|
LOG.exception(msg)
|
||||||
|
raise exc.HTTPClientError(msg)
|
||||||
|
|
||||||
return environment.to_dict()
|
return environment.to_dict()
|
||||||
|
|
||||||
|
@ -89,6 +89,20 @@ class TestEnvironmentApi(tb.ControllerTest, tb.MuranoApiTestCase):
|
|||||||
self.assertEqual(expected, json.loads(result.body))
|
self.assertEqual(expected, json.loads(result.body))
|
||||||
self.assertEqual(3, mock_uuid.call_count)
|
self.assertEqual(3, mock_uuid.call_count)
|
||||||
|
|
||||||
|
def test_illegal_environment_name_create(self):
|
||||||
|
"""Check that an illegal env name results in an HTTPClientError."""
|
||||||
|
self._set_policy_rules(
|
||||||
|
{'list_environments': '@',
|
||||||
|
'create_environment': '@',
|
||||||
|
'show_environment': '@'}
|
||||||
|
)
|
||||||
|
self.expect_policy_check('create_environment')
|
||||||
|
|
||||||
|
body = {'name': 'my+#env'}
|
||||||
|
req = self._post('/environments', json.dumps(body))
|
||||||
|
result = req.get_response(self.api)
|
||||||
|
self.assertEqual(400, result.status_code)
|
||||||
|
|
||||||
def test_missing_environment(self):
|
def test_missing_environment(self):
|
||||||
"""Check that a missing environment results in an HTTPNotFound."""
|
"""Check that a missing environment results in an HTTPNotFound."""
|
||||||
self._set_policy_rules(
|
self._set_policy_rules(
|
||||||
@ -125,7 +139,7 @@ class TestEnvironmentApi(tb.ControllerTest, tb.MuranoApiTestCase):
|
|||||||
'Objects': {
|
'Objects': {
|
||||||
'?': {'id': '12345'}
|
'?': {'id': '12345'}
|
||||||
},
|
},
|
||||||
'Attributes': {}
|
'Attributes': []
|
||||||
}
|
}
|
||||||
)
|
)
|
||||||
e = models.Environment(**expected)
|
e = models.Environment(**expected)
|
||||||
@ -137,11 +151,11 @@ class TestEnvironmentApi(tb.ControllerTest, tb.MuranoApiTestCase):
|
|||||||
del expected['description']
|
del expected['description']
|
||||||
expected['services'] = []
|
expected['services'] = []
|
||||||
expected['status'] = 'ready'
|
expected['status'] = 'ready'
|
||||||
expected['name'] = 'renamed env'
|
expected['name'] = 'renamed_env'
|
||||||
expected['updated'] = fake_now
|
expected['updated'] = fake_now
|
||||||
|
|
||||||
body = {
|
body = {
|
||||||
'name': 'renamed env'
|
'name': 'renamed_env'
|
||||||
}
|
}
|
||||||
req = self._put('/environments/12345', json.dumps(body))
|
req = self._put('/environments/12345', json.dumps(body))
|
||||||
result = req.get_response(self.api)
|
result = req.get_response(self.api)
|
||||||
|
Loading…
x
Reference in New Issue
Block a user