Add missing forbidden to not found case for GET namespace API
Covered missing forbidden to not found conversion scenario for GET namespace API. Related: blueprint policy-refactor Change-Id: I5e2d15e861f751031208d2cc36167bacdf91f5a0
This commit is contained in:
parent
cb3369002a
commit
f33504c39b
@ -269,7 +269,7 @@ class NamespaceController(object):
|
||||
md_resource=namespace_obj,
|
||||
enforcer=self.policy)
|
||||
policy_check.get_metadef_namespace()
|
||||
except webob.exc.HTTPForbidden:
|
||||
except (exception.Forbidden, webob.exc.HTTPForbidden):
|
||||
LOG.debug("User not permitted to show namespace '%s'",
|
||||
namespace)
|
||||
# NOTE (abhishekk): Returning 404 Not Found as the
|
||||
|
@ -339,6 +339,10 @@ class TestMetadefNamespacesPolicy(functional.SynchronousAPIBase):
|
||||
resp = self.api_get(path)
|
||||
self.assertEqual(404, resp.status_code)
|
||||
|
||||
# Now try to get the same namespace by different user
|
||||
self.set_policy_rules({'get_metadef_namespace': '@'})
|
||||
self._verify_forbidden_converted_to_not_found(path, 'GET')
|
||||
|
||||
# Now disable get_metadef_objects policy to ensure that you will
|
||||
# get forbidden response
|
||||
self.set_policy_rules({
|
||||
|
@ -451,7 +451,7 @@ class TestMetadefsControllers(base.IsolatedUnitTest):
|
||||
|
||||
def test_namespace_show_non_visible(self):
|
||||
request = unit_test_utils.get_fake_request()
|
||||
self.assertRaises(webob.exc.HTTPForbidden,
|
||||
self.assertRaises(webob.exc.HTTPNotFound,
|
||||
self.namespace_controller.show, request, NAMESPACE2)
|
||||
|
||||
def test_namespace_delete(self):
|
||||
|
Loading…
Reference in New Issue
Block a user