Check for missing param schema in encryption utility
Closes-Bug: #1559302 Change-Id: Ic33a0304b1a325013eba0874bb605e86b0a57622
This commit is contained in:
parent
59084fa24e
commit
8cb315a23b
|
@ -1258,7 +1258,7 @@ def db_encrypt_parameters_and_properties(ctxt, encryption_key, batch_size=50,
|
|||
|
||||
if (not env or
|
||||
'parameters' not in env or
|
||||
not tmpl.param_schemata()):
|
||||
not param_schemata):
|
||||
continue
|
||||
if 'encrypted_param_names' in env:
|
||||
encrypted_params = env['encrypted_param_names']
|
||||
|
@ -1266,9 +1266,10 @@ def db_encrypt_parameters_and_properties(ctxt, encryption_key, batch_size=50,
|
|||
encrypted_params = []
|
||||
|
||||
for param_name, param_val in env['parameters'].items():
|
||||
if ((param_name in encrypted_params) or
|
||||
(not param_schemata[param_name].hidden)):
|
||||
continue
|
||||
if (param_name in encrypted_params or
|
||||
param_name not in param_schemata or
|
||||
not param_schemata[param_name].hidden):
|
||||
continue
|
||||
encrypted_val = crypt.encrypt(six.text_type(param_val),
|
||||
encryption_key)
|
||||
env['parameters'][param_name] = encrypted_val
|
||||
|
|
|
@ -11,6 +11,7 @@
|
|||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
import copy
|
||||
import datetime
|
||||
import fixtures
|
||||
import json
|
||||
|
@ -3273,6 +3274,18 @@ class DBAPICryptParamsPropsTest(common.HeatTestCase):
|
|||
self.assertNotIn("Successfully processed resource 1",
|
||||
info_logger2.output)
|
||||
|
||||
def test_db_encrypt_no_param_schema(self):
|
||||
t = copy.deepcopy(self.t)
|
||||
del(t['parameters']['param2'])
|
||||
template = {
|
||||
'template': t,
|
||||
'files': {'foo': 'bar'},
|
||||
'environment': {'encrypted_param_names': [],
|
||||
'parameters': {'param2': 'foo'}}}
|
||||
db_api.raw_template_create(self.ctx, template)
|
||||
self.assertEqual([], db_api.db_encrypt_parameters_and_properties(
|
||||
self.ctx, cfg.CONF.auth_encryption_key))
|
||||
|
||||
def test_db_encrypt_non_string_param_type(self):
|
||||
t = template_format.parse('''
|
||||
heat_template_version: 2013-05-23
|
||||
|
|
Loading…
Reference in New Issue