diff --git a/karbor/api/v1/quotas.py b/karbor/api/v1/quotas.py index 5303a055..01d9e33e 100644 --- a/karbor/api/v1/quotas.py +++ b/karbor/api/v1/quotas.py @@ -153,8 +153,6 @@ class QuotasController(wsgi.Controller): db.quota_update(context, project_id, key, value) except exception.ProjectQuotaNotFound: db.quota_create(context, project_id, key, value) - except exception.AdminRequired: - raise exc.HTTPForbidden() LOG.info("Update quotas successfully.", resource={'id': project_id}) @@ -184,11 +182,7 @@ class QuotasController(wsgi.Controller): msg = _("Invalid project id provided.") raise exc.HTTPBadRequest(explanation=msg) context.can(quota_policy.DELETE_POLICY) - try: - db.authorize_project_context(context, id) - QUOTAS.destroy_all_by_project(context, id) - except exception.NotAuthorized: - raise exc.HTTPForbidden() + QUOTAS.destroy_all_by_project(context, id) LOG.info("Delete quotas successfully.", resource={'id': id}) diff --git a/karbor/tests/unit/api/v1/test_quotas.py b/karbor/tests/unit/api/v1/test_quotas.py index cc61f120..d7405750 100644 --- a/karbor/tests/unit/api/v1/test_quotas.py +++ b/karbor/tests/unit/api/v1/test_quotas.py @@ -67,6 +67,15 @@ class QuotaApiTest(base.TestCase): self.assertRaises(exc.HTTPBadRequest, self.controller.update, req, "73f74f90a1754bd7ad658afb3272323f", body=body) + def test_quota_update_with_not_admin_context(self): + body = {"quota": {"plans": 20}} + req = fakes.HTTPRequest.blank( + '/v1/quotas/73f74f90a1754bd7ad658afb3272323f', + use_admin_context=False) + self.assertRaises( + exception.PolicyNotAuthorized, self.controller.update, + req, "73f74f90a1754bd7ad658afb3272323f", body=body) + @mock.patch( 'karbor.quota.DbQuotaDriver.get_defaults') def test_quota_defaults(self, mock_quota_get):