openstack/deb-sahara
Code Issues Proposed changes

Adding sanitization for trusts in JobExecution model

Browse Source 
Although there is no data model update to JobExecution there are some
minor changes to ensure that trust ids don't leak from the JobExecution
representations.

Changes
* adding sanitizing for trusts to the JobExecution Resource
* adding testing for trusts filter from JobExecution

Partially implement: blueprint edp-swift-trust-authentication
Change-Id: If88bba39efdab01195878a5b1d43bb6c975531b9
This commit is contained in:
Michael McCune 2014-07-24 17:30:41 -04:00
parent 5afd4fcab5
commit f9b0cd30b5
2 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
sahara/conductor/resource.py
View File

@ -224,6 +224,8 @@ class JobExecution(Resource, objects.JobExecution):
configs[swift_helper.HADOOP_SWIFT_USERNAME] = ""
if swift_helper.HADOOP_SWIFT_PASSWORD in configs:
configs[swift_helper.HADOOP_SWIFT_PASSWORD] = ""
if 'trusts' in job_configs:
del job_configs['trusts']
return job_configs
def sanitize_info(self, info):

9
sahara/tests/unit/conductor/test_resource.py
View File

@ -115,6 +115,10 @@ SAMPLE_JOB_EXECUTION = {
swift_helper.HADOOP_SWIFT_PASSWORD: "openstack",
swift_helper.HADOOP_SWIFT_USERNAME: "admin",
"myfavoriteconfig": 1
},
"trusts": {
"input_id": "9c528755099149b8b7166f3d0fa3bf10",
"output_id": "3f2bde9d43ec440381dc9f736481e2b0"
}
},
"job_id": "d0f3e397-7bef-42f9-a4db-e5a96059246e",
@ -211,6 +215,9 @@ class TestResource(testtools.TestCase):
job_exec['job_configs']['configs'])
for a in job_exec['info']['actions']:
self.assertIn('conf', a)
self.assertIn('trusts', job_exec['job_configs'])
self.assertIn('input_id', job_exec['job_configs']['trusts'])
self.assertIn('output_id', job_exec['job_configs']['trusts'])
wrapped_dict = job_exec.to_wrapped_dict()['job_execution']
self.assertNotIn('extra', wrapped_dict)
@ -223,3 +230,5 @@ class TestResource(testtools.TestCase):
for a in wrapped_dict['info']['actions']:
self.assertNotIn('conf', a)
self.assertNotIn('trusts', wrapped_dict['job_configs'])