Missing validation for environment name in API
Add environment name validation to API so that when names are entered by user via the murano client CLI they get validated in the same way they do via the murano dashboard UI, i.e., name must contain only alphanumeric or "_-." characters, must start with alpha. If not valid, raise an exception with a 400 error. Change-Id: Ib125e017acbdd6b6881ec705763c17170b80e44b Closes-Bug: 1373045
This commit is contained in:
parent
387d309b4a
commit
a55b8427a8
@ -12,6 +12,8 @@
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
import re
|
||||
|
||||
from oslo.db import exception as db_exc
|
||||
from sqlalchemy import desc
|
||||
from webob import exc
|
||||
@ -33,6 +35,8 @@ LOG = logging.getLogger(__name__)
|
||||
|
||||
API_NAME = 'Environments'
|
||||
|
||||
VALID_NAME_REGEX = re.compile('^[a-zA-Z]+[\w-]*$')
|
||||
|
||||
|
||||
class Controller(object):
|
||||
@request_statistics.stats_count(API_NAME, 'Index')
|
||||
@ -51,7 +55,8 @@ class Controller(object):
|
||||
def create(self, request, body):
|
||||
LOG.debug('Environments:Create <Body {0}>'.format(body))
|
||||
policy.check('create_environment', request.context)
|
||||
|
||||
LOG.debug('ENV NAME: {0}>'.format(body['name']))
|
||||
if VALID_NAME_REGEX.match(str(body['name'])):
|
||||
try:
|
||||
environment = envs.EnvironmentServices.create(
|
||||
body.copy(),
|
||||
@ -60,6 +65,12 @@ class Controller(object):
|
||||
msg = _('Environment with specified name already exists')
|
||||
LOG.exception(msg)
|
||||
raise exc.HTTPConflict(msg)
|
||||
else:
|
||||
msg = _('Environment name must contain only alphanumeric '
|
||||
'or "_-." characters, must start with alpha')
|
||||
LOG.exception(msg)
|
||||
raise exc.HTTPClientError(msg)
|
||||
|
||||
return environment.to_dict()
|
||||
|
||||
@request_statistics.stats_count(API_NAME, 'Show')
|
||||
@ -114,8 +125,15 @@ class Controller(object):
|
||||
'this tenant resources.'))
|
||||
raise exc.HTTPUnauthorized
|
||||
|
||||
LOG.debug('ENV NAME: {0}>'.format(body['name']))
|
||||
if VALID_NAME_REGEX.match(str(body['name'])):
|
||||
environment.update(body)
|
||||
environment.save(session)
|
||||
else:
|
||||
msg = _('Environment name must contain only alphanumeric '
|
||||
'or "_-." characters, must start with alpha')
|
||||
LOG.exception(msg)
|
||||
raise exc.HTTPClientError(msg)
|
||||
|
||||
return environment.to_dict()
|
||||
|
||||
|
@ -89,6 +89,20 @@ class TestEnvironmentApi(tb.ControllerTest, tb.MuranoApiTestCase):
|
||||
self.assertEqual(expected, json.loads(result.body))
|
||||
self.assertEqual(3, mock_uuid.call_count)
|
||||
|
||||
def test_illegal_environment_name_create(self):
|
||||
"""Check that an illegal env name results in an HTTPClientError."""
|
||||
self._set_policy_rules(
|
||||
{'list_environments': '@',
|
||||
'create_environment': '@',
|
||||
'show_environment': '@'}
|
||||
)
|
||||
self.expect_policy_check('create_environment')
|
||||
|
||||
body = {'name': 'my+#env'}
|
||||
req = self._post('/environments', json.dumps(body))
|
||||
result = req.get_response(self.api)
|
||||
self.assertEqual(400, result.status_code)
|
||||
|
||||
def test_missing_environment(self):
|
||||
"""Check that a missing environment results in an HTTPNotFound."""
|
||||
self._set_policy_rules(
|
||||
@ -125,7 +139,7 @@ class TestEnvironmentApi(tb.ControllerTest, tb.MuranoApiTestCase):
|
||||
'Objects': {
|
||||
'?': {'id': '12345'}
|
||||
},
|
||||
'Attributes': {}
|
||||
'Attributes': []
|
||||
}
|
||||
)
|
||||
e = models.Environment(**expected)
|
||||
@ -137,11 +151,11 @@ class TestEnvironmentApi(tb.ControllerTest, tb.MuranoApiTestCase):
|
||||
del expected['description']
|
||||
expected['services'] = []
|
||||
expected['status'] = 'ready'
|
||||
expected['name'] = 'renamed env'
|
||||
expected['name'] = 'renamed_env'
|
||||
expected['updated'] = fake_now
|
||||
|
||||
body = {
|
||||
'name': 'renamed env'
|
||||
'name': 'renamed_env'
|
||||
}
|
||||
req = self._put('/environments/12345', json.dumps(body))
|
||||
result = req.get_response(self.api)
|
||||
|
Loading…
x
Reference in New Issue
Block a user