From c701226cde99513cd9bc13ce37cb67dd0f3ae177 Mon Sep 17 00:00:00 2001 From: Zane Bitter Date: Fri, 22 Jan 2016 12:34:36 -0500 Subject: [PATCH] ReST API: Use constants in get_allowed_params whitelists Change-Id: I97663c1fb146f9e8350fead5db5f47f753cb2ef5 --- heat/api/openstack/v1/events.py | 16 ++++---- heat/api/openstack/v1/resources.py | 2 +- heat/api/openstack/v1/software_configs.py | 4 +- heat/api/openstack/v1/software_deployments.py | 2 +- heat/api/openstack/v1/stacks.py | 40 +++++++++---------- heat/api/openstack/v1/util.py | 15 +++++-- heat/tests/api/openstack_v1/test_util.py | 16 ++++---- 7 files changed, 52 insertions(+), 43 deletions(-) diff --git a/heat/api/openstack/v1/events.py b/heat/api/openstack/v1/events.py index 289643832a..d1d40a561e 100644 --- a/heat/api/openstack/v1/events.py +++ b/heat/api/openstack/v1/events.py @@ -102,16 +102,16 @@ class EventController(object): def index(self, req, identity, resource_name=None): """Lists summary information for all events.""" whitelist = { - 'limit': 'single', - 'marker': 'single', - 'sort_dir': 'single', - 'sort_keys': 'multi', + 'limit': util.PARAM_TYPE_SINGLE, + 'marker': util.PARAM_TYPE_SINGLE, + 'sort_dir': util.PARAM_TYPE_SINGLE, + 'sort_keys': util.PARAM_TYPE_MULTI, } filter_whitelist = { - 'resource_status': 'mixed', - 'resource_action': 'mixed', - 'resource_name': 'mixed', - 'resource_type': 'mixed', + 'resource_status': util.PARAM_TYPE_MIXED, + 'resource_action': util.PARAM_TYPE_MIXED, + 'resource_name': util.PARAM_TYPE_MIXED, + 'resource_type': util.PARAM_TYPE_MIXED, } params = util.get_allowed_params(req.params, whitelist) filter_params = util.get_allowed_params(req.params, filter_whitelist) diff --git a/heat/api/openstack/v1/resources.py b/heat/api/openstack/v1/resources.py index 99f04e9e23..db2230a530 100644 --- a/heat/api/openstack/v1/resources.py +++ b/heat/api/openstack/v1/resources.py @@ -114,7 +114,7 @@ class ResourceController(object): def show(self, req, identity, resource_name): """Gets detailed information for a resource.""" - whitelist = {'with_attr': 'multi'} + whitelist = {'with_attr': util.PARAM_TYPE_MULTI} params = util.get_allowed_params(req.params, whitelist) if 'with_attr' not in params: params['with_attr'] = None diff --git a/heat/api/openstack/v1/software_configs.py b/heat/api/openstack/v1/software_configs.py index 12ffd8dae7..fcf54582a3 100644 --- a/heat/api/openstack/v1/software_configs.py +++ b/heat/api/openstack/v1/software_configs.py @@ -45,8 +45,8 @@ class SoftwareConfigController(object): def _index(self, req, tenant_safe=True): whitelist = { - 'limit': 'single', - 'marker': 'single' + 'limit': util.PARAM_TYPE_SINGLE, + 'marker': util.PARAM_TYPE_SINGLE } params = util.get_allowed_params(req.params, whitelist) scs = self.rpc_client.list_software_configs(req.context, diff --git a/heat/api/openstack/v1/software_deployments.py b/heat/api/openstack/v1/software_deployments.py index 242b142914..369383bc48 100644 --- a/heat/api/openstack/v1/software_deployments.py +++ b/heat/api/openstack/v1/software_deployments.py @@ -38,7 +38,7 @@ class SoftwareDeploymentController(object): def index(self, req): """List software deployments.""" whitelist = { - 'server_id': 'single', + 'server_id': util.PARAM_TYPE_SINGLE, } params = util.get_allowed_params(req.params, whitelist) sds = self.rpc_client.list_software_deployments(req.context, **params) diff --git a/heat/api/openstack/v1/stacks.py b/heat/api/openstack/v1/stacks.py index 525e4cc652..a9cfaf3e54 100644 --- a/heat/api/openstack/v1/stacks.py +++ b/heat/api/openstack/v1/stacks.py @@ -190,29 +190,29 @@ class StackController(object): filter_whitelist = { # usage of keys in this list are not encouraged, please use # rpc_api.STACK_KEYS instead - 'id': 'mixed', - 'status': 'mixed', - 'name': 'mixed', - 'action': 'mixed', - 'tenant': 'mixed', - 'username': 'mixed', - 'owner_id': 'mixed', + 'id': util.PARAM_TYPE_MIXED, + 'status': util.PARAM_TYPE_MIXED, + 'name': util.PARAM_TYPE_MIXED, + 'action': util.PARAM_TYPE_MIXED, + 'tenant': util.PARAM_TYPE_MIXED, + 'username': util.PARAM_TYPE_MIXED, + 'owner_id': util.PARAM_TYPE_MIXED, } whitelist = { - 'limit': 'single', - 'marker': 'single', - 'sort_dir': 'single', - 'sort_keys': 'multi', - 'show_deleted': 'single', - 'show_nested': 'single', - 'show_hidden': 'single', - 'tags': 'single', - 'tags_any': 'single', - 'not_tags': 'single', - 'not_tags_any': 'single', + 'limit': util.PARAM_TYPE_SINGLE, + 'marker': util.PARAM_TYPE_SINGLE, + 'sort_dir': util.PARAM_TYPE_SINGLE, + 'sort_keys': util.PARAM_TYPE_MULTI, + 'show_deleted': util.PARAM_TYPE_SINGLE, + 'show_nested': util.PARAM_TYPE_SINGLE, + 'show_hidden': util.PARAM_TYPE_SINGLE, + 'tags': util.PARAM_TYPE_SINGLE, + 'tags_any': util.PARAM_TYPE_SINGLE, + 'not_tags': util.PARAM_TYPE_SINGLE, + 'not_tags_any': util.PARAM_TYPE_SINGLE, } params = util.get_allowed_params(req.params, whitelist) - stack_keys = dict.fromkeys(rpc_api.STACK_KEYS, 'mixed') + stack_keys = dict.fromkeys(rpc_api.STACK_KEYS, util.PARAM_TYPE_MIXED) unsupported = ( rpc_api.STACK_ID, # not user visible rpc_api.STACK_CAPABILITIES, # not supported @@ -536,7 +536,7 @@ class StackController(object): data = InstantiationData(body) - whitelist = {'show_nested': 'single'} + whitelist = {'show_nested': util.PARAM_TYPE_SINGLE} params = util.get_allowed_params(req.params, whitelist) show_nested = False diff --git a/heat/api/openstack/v1/util.py b/heat/api/openstack/v1/util.py index 4b00e9d351..8218e7a84f 100644 --- a/heat/api/openstack/v1/util.py +++ b/heat/api/openstack/v1/util.py @@ -72,6 +72,13 @@ def make_link(req, identity, relationship='self'): return {'href': make_url(req, identity), 'rel': relationship} +PARAM_TYPES = ( + PARAM_TYPE_SINGLE, PARAM_TYPE_MULTI, PARAM_TYPE_MIXED +) = ( + 'single', 'multi', 'mixed' +) + + def get_allowed_params(params, whitelist): """Extract from ``params`` all entries listed in ``whitelist``. @@ -88,12 +95,14 @@ def get_allowed_params(params, whitelist): allowed_params = {} for key, get_type in six.iteritems(whitelist): + assert get_type in PARAM_TYPES + value = None - if get_type == 'single': + if get_type == PARAM_TYPE_SINGLE: value = params.get(key) - elif get_type == 'multi': + elif get_type == PARAM_TYPE_MULTI: value = params.getall(key) - elif get_type == 'mixed': + elif get_type == PARAM_TYPE_MIXED: value = params.getall(key) if isinstance(value, list) and len(value) == 1: value = value.pop() diff --git a/heat/tests/api/openstack_v1/test_util.py b/heat/tests/api/openstack_v1/test_util.py index 9c832c317f..210f62d83e 100644 --- a/heat/tests/api/openstack_v1/test_util.py +++ b/heat/tests/api/openstack_v1/test_util.py @@ -27,7 +27,7 @@ class TestGetAllowedParams(common.HeatTestCase): req = wsgi.Request({}) self.params = req.params.copy() self.params.add('foo', 'foo value') - self.whitelist = {'foo': 'single'} + self.whitelist = {'foo': util.PARAM_TYPE_SINGLE} def test_returns_empty_dict(self): self.whitelist = {} @@ -36,7 +36,7 @@ class TestGetAllowedParams(common.HeatTestCase): self.assertEqual({}, result) def test_only_adds_whitelisted_params_if_param_exists(self): - self.whitelist = {'foo': 'single'} + self.whitelist = {'foo': util.PARAM_TYPE_SINGLE} self.params.clear() result = util.get_allowed_params(self.params, self.whitelist) @@ -54,7 +54,7 @@ class TestGetAllowedParams(common.HeatTestCase): self.assertEqual('foo value', result['foo']) def test_handles_multiple_value_params(self): - self.whitelist = {'foo': 'multi'} + self.whitelist = {'foo': util.PARAM_TYPE_MULTI} self.params.add('foo', 'foo value 2') result = util.get_allowed_params(self.params, self.whitelist) @@ -63,7 +63,7 @@ class TestGetAllowedParams(common.HeatTestCase): self.assertIn('foo value 2', result['foo']) def test_handles_mixed_value_param_with_multiple_entries(self): - self.whitelist = {'foo': 'mixed'} + self.whitelist = {'foo': util.PARAM_TYPE_MIXED} self.params.add('foo', 'foo value 2') result = util.get_allowed_params(self.params, self.whitelist) @@ -72,15 +72,15 @@ class TestGetAllowedParams(common.HeatTestCase): self.assertIn('foo value 2', result['foo']) def test_handles_mixed_value_param_with_single_entry(self): - self.whitelist = {'foo': 'mixed'} + self.whitelist = {'foo': util.PARAM_TYPE_MIXED} result = util.get_allowed_params(self.params, self.whitelist) self.assertEqual('foo value', result['foo']) - def test_ignores_bogus_whitelist_items(self): + def test_bogus_whitelist_items(self): self.whitelist = {'foo': 'blah'} - result = util.get_allowed_params(self.params, self.whitelist) - self.assertNotIn('foo', result) + self.assertRaises(AssertionError, util.get_allowed_params, + self.params, self.whitelist) class TestPolicyEnforce(common.HeatTestCase):