Merge "Add schema validation to create user v2"
This commit is contained in:
commit
91586b7741
|
@ -21,7 +21,7 @@ from keystone.common import dependency
|
|||
from keystone.common import validation
|
||||
import keystone.conf
|
||||
from keystone import exception
|
||||
from keystone.i18n import _, _LW
|
||||
from keystone.i18n import _LW
|
||||
from keystone.identity import schema
|
||||
from keystone import notifications
|
||||
|
||||
|
@ -61,18 +61,12 @@ class User(controller.V2Controller):
|
|||
# CRUD extension
|
||||
@controller.v2_deprecated
|
||||
def create_user(self, request, user):
|
||||
validation.lazy_validate(schema.user_create_v2, user)
|
||||
user = self._normalize_OSKSADM_password_on_request(user)
|
||||
user = self.normalize_username_in_request(user)
|
||||
user = self._normalize_dict(user)
|
||||
self.assert_admin(request)
|
||||
|
||||
if 'name' not in user or not user['name']:
|
||||
msg = _('Name field is required and cannot be empty')
|
||||
raise exception.ValidationError(message=msg)
|
||||
if 'enabled' in user and not isinstance(user['enabled'], bool):
|
||||
msg = _('Enabled field must be a boolean')
|
||||
raise exception.ValidationError(message=msg)
|
||||
|
||||
default_project_id = user.pop('tenantId', None)
|
||||
if default_project_id is not None:
|
||||
# Check to see if the project is valid before moving on.
|
||||
|
|
|
@ -35,6 +35,24 @@ _user_properties_v2 = {
|
|||
}
|
||||
}
|
||||
|
||||
user_create_v2 = {
|
||||
'type': 'object',
|
||||
'properties': _user_properties_v2,
|
||||
'anyOf': [
|
||||
{
|
||||
'required': ['username']
|
||||
},
|
||||
{
|
||||
'required': ['name']
|
||||
}
|
||||
],
|
||||
'additionalProperties': True
|
||||
}
|
||||
|
||||
# NOTE(ghugo): minProperties value should really be 1, however it
|
||||
# is currently set to 0 to avoid breaking backwards compatability,
|
||||
# and tempest tests.
|
||||
|
||||
user_update_v2 = {
|
||||
'type': 'object',
|
||||
'properties': _user_properties_v2,
|
||||
|
|
|
@ -311,9 +311,60 @@ class UserValidationTestCase(unit.BaseTestCase):
|
|||
def setUp(self):
|
||||
super(UserValidationTestCase, self).setUp()
|
||||
|
||||
schema_user_create = identity_schema.user_create_v2
|
||||
schema_user_update = identity_schema.user_update_v2
|
||||
self.create_validator = validators.SchemaValidator(schema_user_create)
|
||||
self.update_validator = validators.SchemaValidator(schema_user_update)
|
||||
|
||||
def test_validate_user_create_succeeds_with_name(self):
|
||||
request = {
|
||||
'name': uuid.uuid4().hex
|
||||
}
|
||||
self.create_validator.validate(request)
|
||||
|
||||
def test_validate_user_create_succeeds_with_username(self):
|
||||
request = {
|
||||
'username': uuid.uuid4().hex
|
||||
}
|
||||
self.create_validator.validate(request)
|
||||
|
||||
def test_validate_user_create_fails_with_invalid_params(self):
|
||||
request = {
|
||||
'bogus': uuid.uuid4().hex
|
||||
}
|
||||
self.assertRaises(exception.SchemaValidationError,
|
||||
self.create_validator.validate,
|
||||
request)
|
||||
|
||||
def test_validate_user_create_fails_with_invalid_name(self):
|
||||
for invalid_name in _INVALID_NAMES:
|
||||
request = {
|
||||
'name': invalid_name
|
||||
}
|
||||
self.assertRaises(exception.SchemaValidationError,
|
||||
self.create_validator.validate,
|
||||
request)
|
||||
|
||||
def test_validate_user_create_with_enabled(self):
|
||||
"""Validate `enabled` as boolean-like values."""
|
||||
for valid_enabled in _VALID_ENABLED_FORMATS:
|
||||
request = {
|
||||
'name': uuid.uuid4().hex,
|
||||
'enabled': valid_enabled
|
||||
}
|
||||
self.create_validator.validate(request)
|
||||
|
||||
def test_validate_user_create_with_invalid_enabled_fails(self):
|
||||
"""Exception is raised when `enabled` isn't a boolean-like value."""
|
||||
for invalid_enabled in _INVALID_ENABLED_FORMATS:
|
||||
request = {
|
||||
'name': uuid.uuid4().hex,
|
||||
'enabled': invalid_enabled
|
||||
}
|
||||
self.assertRaises(exception.SchemaValidationError,
|
||||
self.create_validator.validate,
|
||||
request)
|
||||
|
||||
def test_validate_user_update_succeeds_with_name(self):
|
||||
request = {
|
||||
'name': uuid.uuid4().hex,
|
||||
|
|
Loading…
Reference in New Issue