Merge "ReST API: Use constants in get_allowed_params whitelists"
This commit is contained in:
Jenkins
Gerrit Code Review
commit
8d611985bd
@ -102,16 +102,16 @@ class EventController(object):
|
||||
def index(self, req, identity, resource_name=None):
|
||||
"""Lists summary information for all events."""
|
||||
whitelist = {
|
||||
'limit': 'single',
|
||||
'marker': 'single',
|
||||
'sort_dir': 'single',
|
||||
'sort_keys': 'multi',
|
||||
'limit': util.PARAM_TYPE_SINGLE,
|
||||
'marker': util.PARAM_TYPE_SINGLE,
|
||||
'sort_dir': util.PARAM_TYPE_SINGLE,
|
||||
'sort_keys': util.PARAM_TYPE_MULTI,
|
||||
}
|
||||
filter_whitelist = {
|
||||
'resource_status': 'mixed',
|
||||
'resource_action': 'mixed',
|
||||
'resource_name': 'mixed',
|
||||
'resource_type': 'mixed',
|
||||
'resource_status': util.PARAM_TYPE_MIXED,
|
||||
'resource_action': util.PARAM_TYPE_MIXED,
|
||||
'resource_name': util.PARAM_TYPE_MIXED,
|
||||
'resource_type': util.PARAM_TYPE_MIXED,
|
||||
}
|
||||
params = util.get_allowed_params(req.params, whitelist)
|
||||
filter_params = util.get_allowed_params(req.params, filter_whitelist)
|
||||
|
||||
@ -114,7 +114,7 @@ class ResourceController(object):
|
||||
def show(self, req, identity, resource_name):
|
||||
"""Gets detailed information for a resource."""
|
||||
|
||||
whitelist = {'with_attr': 'multi'}
|
||||
whitelist = {'with_attr': util.PARAM_TYPE_MULTI}
|
||||
params = util.get_allowed_params(req.params, whitelist)
|
||||
if 'with_attr' not in params:
|
||||
params['with_attr'] = None
|
||||
|
||||
@ -45,8 +45,8 @@ class SoftwareConfigController(object):
|
||||
|
||||
def _index(self, req, tenant_safe=True):
|
||||
whitelist = {
|
||||
'limit': 'single',
|
||||
'marker': 'single'
|
||||
'limit': util.PARAM_TYPE_SINGLE,
|
||||
'marker': util.PARAM_TYPE_SINGLE
|
||||
}
|
||||
params = util.get_allowed_params(req.params, whitelist)
|
||||
scs = self.rpc_client.list_software_configs(req.context,
|
||||
|
||||
@ -38,7 +38,7 @@ class SoftwareDeploymentController(object):
|
||||
def index(self, req):
|
||||
"""List software deployments."""
|
||||
whitelist = {
|
||||
'server_id': 'single',
|
||||
'server_id': util.PARAM_TYPE_SINGLE,
|
||||
}
|
||||
params = util.get_allowed_params(req.params, whitelist)
|
||||
sds = self.rpc_client.list_software_deployments(req.context, **params)
|
||||
|
||||
@ -190,29 +190,29 @@ class StackController(object):
|
||||
filter_whitelist = {
|
||||
# usage of keys in this list are not encouraged, please use
|
||||
# rpc_api.STACK_KEYS instead
|
||||
'id': 'mixed',
|
||||
'status': 'mixed',
|
||||
'name': 'mixed',
|
||||
'action': 'mixed',
|
||||
'tenant': 'mixed',
|
||||
'username': 'mixed',
|
||||
'owner_id': 'mixed',
|
||||
'id': util.PARAM_TYPE_MIXED,
|
||||
'status': util.PARAM_TYPE_MIXED,
|
||||
'name': util.PARAM_TYPE_MIXED,
|
||||
'action': util.PARAM_TYPE_MIXED,
|
||||
'tenant': util.PARAM_TYPE_MIXED,
|
||||
'username': util.PARAM_TYPE_MIXED,
|
||||
'owner_id': util.PARAM_TYPE_MIXED,
|
||||
}
|
||||
whitelist = {
|
||||
'limit': 'single',
|
||||
'marker': 'single',
|
||||
'sort_dir': 'single',
|
||||
'sort_keys': 'multi',
|
||||
'show_deleted': 'single',
|
||||
'show_nested': 'single',
|
||||
'show_hidden': 'single',
|
||||
'tags': 'single',
|
||||
'tags_any': 'single',
|
||||
'not_tags': 'single',
|
||||
'not_tags_any': 'single',
|
||||
'limit': util.PARAM_TYPE_SINGLE,
|
||||
'marker': util.PARAM_TYPE_SINGLE,
|
||||
'sort_dir': util.PARAM_TYPE_SINGLE,
|
||||
'sort_keys': util.PARAM_TYPE_MULTI,
|
||||
'show_deleted': util.PARAM_TYPE_SINGLE,
|
||||
'show_nested': util.PARAM_TYPE_SINGLE,
|
||||
'show_hidden': util.PARAM_TYPE_SINGLE,
|
||||
'tags': util.PARAM_TYPE_SINGLE,
|
||||
'tags_any': util.PARAM_TYPE_SINGLE,
|
||||
'not_tags': util.PARAM_TYPE_SINGLE,
|
||||
'not_tags_any': util.PARAM_TYPE_SINGLE,
|
||||
}
|
||||
params = util.get_allowed_params(req.params, whitelist)
|
||||
stack_keys = dict.fromkeys(rpc_api.STACK_KEYS, 'mixed')
|
||||
stack_keys = dict.fromkeys(rpc_api.STACK_KEYS, util.PARAM_TYPE_MIXED)
|
||||
unsupported = (
|
||||
rpc_api.STACK_ID, # not user visible
|
||||
rpc_api.STACK_CAPABILITIES, # not supported
|
||||
@ -536,7 +536,7 @@ class StackController(object):
|
||||
|
||||
data = InstantiationData(body)
|
||||
|
||||
whitelist = {'show_nested': 'single'}
|
||||
whitelist = {'show_nested': util.PARAM_TYPE_SINGLE}
|
||||
params = util.get_allowed_params(req.params, whitelist)
|
||||
|
||||
show_nested = False
|
||||
|
||||
@ -72,6 +72,13 @@ def make_link(req, identity, relationship='self'):
|
||||
return {'href': make_url(req, identity), 'rel': relationship}
|
||||
|
||||
|
||||
PARAM_TYPES = (
|
||||
PARAM_TYPE_SINGLE, PARAM_TYPE_MULTI, PARAM_TYPE_MIXED
|
||||
) = (
|
||||
'single', 'multi', 'mixed'
|
||||
)
|
||||
|
||||
|
||||
def get_allowed_params(params, whitelist):
|
||||
"""Extract from ``params`` all entries listed in ``whitelist``.
|
||||
|
||||
@ -88,12 +95,14 @@ def get_allowed_params(params, whitelist):
|
||||
allowed_params = {}
|
||||
|
||||
for key, get_type in six.iteritems(whitelist):
|
||||
assert get_type in PARAM_TYPES
|
||||
|
||||
value = None
|
||||
if get_type == 'single':
|
||||
if get_type == PARAM_TYPE_SINGLE:
|
||||
value = params.get(key)
|
||||
elif get_type == 'multi':
|
||||
elif get_type == PARAM_TYPE_MULTI:
|
||||
value = params.getall(key)
|
||||
elif get_type == 'mixed':
|
||||
elif get_type == PARAM_TYPE_MIXED:
|
||||
value = params.getall(key)
|
||||
if isinstance(value, list) and len(value) == 1:
|
||||
value = value.pop()
|
||||
|
||||
@ -27,7 +27,7 @@ class TestGetAllowedParams(common.HeatTestCase):
|
||||
req = wsgi.Request({})
|
||||
self.params = req.params.copy()
|
||||
self.params.add('foo', 'foo value')
|
||||
self.whitelist = {'foo': 'single'}
|
||||
self.whitelist = {'foo': util.PARAM_TYPE_SINGLE}
|
||||
|
||||
def test_returns_empty_dict(self):
|
||||
self.whitelist = {}
|
||||
@ -36,7 +36,7 @@ class TestGetAllowedParams(common.HeatTestCase):
|
||||
self.assertEqual({}, result)
|
||||
|
||||
def test_only_adds_whitelisted_params_if_param_exists(self):
|
||||
self.whitelist = {'foo': 'single'}
|
||||
self.whitelist = {'foo': util.PARAM_TYPE_SINGLE}
|
||||
self.params.clear()
|
||||
|
||||
result = util.get_allowed_params(self.params, self.whitelist)
|
||||
@ -54,7 +54,7 @@ class TestGetAllowedParams(common.HeatTestCase):
|
||||
self.assertEqual('foo value', result['foo'])
|
||||
|
||||
def test_handles_multiple_value_params(self):
|
||||
self.whitelist = {'foo': 'multi'}
|
||||
self.whitelist = {'foo': util.PARAM_TYPE_MULTI}
|
||||
self.params.add('foo', 'foo value 2')
|
||||
|
||||
result = util.get_allowed_params(self.params, self.whitelist)
|
||||
@ -63,7 +63,7 @@ class TestGetAllowedParams(common.HeatTestCase):
|
||||
self.assertIn('foo value 2', result['foo'])
|
||||
|
||||
def test_handles_mixed_value_param_with_multiple_entries(self):
|
||||
self.whitelist = {'foo': 'mixed'}
|
||||
self.whitelist = {'foo': util.PARAM_TYPE_MIXED}
|
||||
self.params.add('foo', 'foo value 2')
|
||||
|
||||
result = util.get_allowed_params(self.params, self.whitelist)
|
||||
@ -72,15 +72,15 @@ class TestGetAllowedParams(common.HeatTestCase):
|
||||
self.assertIn('foo value 2', result['foo'])
|
||||
|
||||
def test_handles_mixed_value_param_with_single_entry(self):
|
||||
self.whitelist = {'foo': 'mixed'}
|
||||
self.whitelist = {'foo': util.PARAM_TYPE_MIXED}
|
||||
|
||||
result = util.get_allowed_params(self.params, self.whitelist)
|
||||
self.assertEqual('foo value', result['foo'])
|
||||
|
||||
def test_ignores_bogus_whitelist_items(self):
|
||||
def test_bogus_whitelist_items(self):
|
||||
self.whitelist = {'foo': 'blah'}
|
||||
result = util.get_allowed_params(self.params, self.whitelist)
|
||||
self.assertNotIn('foo', result)
|
||||
self.assertRaises(AssertionError, util.get_allowed_params,
|
||||
self.params, self.whitelist)
|
||||
|
||||
|
||||
class TestPolicyEnforce(common.HeatTestCase):
|
||||
|
||||
Loading…
Reference in New Issue
Block a user