Check all_tenants value in security_service api
Add manila.utils.is_all_tenants to check all_tenants value. Partial-Bug: #1777551 Co-Authored-By: Yu Weizhong <yuweizhong@cmss.chinamobile.com> Change-Id: I1c8068cb0d4652f1f0349dc5a8d0a2d3af2318e0
This commit is contained in:
zhangqing
Goutham Pacha Ravi
parent
b2787fded5
commit
bb8859f8ac
@ -28,6 +28,7 @@ from manila import db
|
|||||||
from manila import exception
|
from manila import exception
|
||||||
from manila.i18n import _
|
from manila.i18n import _
|
||||||
from manila import policy
|
from manila import policy
|
||||||
|
from manila import utils
|
||||||
|
|
||||||
|
|
||||||
RESOURCE_NAME = 'security_service'
|
RESOURCE_NAME = 'security_service'
|
||||||
@ -106,7 +107,7 @@ class SecurityServiceController(wsgi.Controller):
|
|||||||
security_services = share_nw['security_services']
|
security_services = share_nw['security_services']
|
||||||
del search_opts['share_network_id']
|
del search_opts['share_network_id']
|
||||||
else:
|
else:
|
||||||
if 'all_tenants' in search_opts and context.is_admin:
|
if context.is_admin and utils.is_all_tenants(search_opts):
|
||||||
policy.check_policy(context, RESOURCE_NAME,
|
policy.check_policy(context, RESOURCE_NAME,
|
||||||
'get_all_security_services')
|
'get_all_security_services')
|
||||||
security_services = db.security_service_get_all(context)
|
security_services = db.security_service_get_all(context)
|
||||||
|
|||||||
@ -313,6 +313,25 @@ class ShareApiTest(test.TestCase):
|
|||||||
fake_context, fake_context.project_id
|
fake_context, fake_context.project_id
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@mock.patch.object(db, 'security_service_get_all', mock.Mock())
|
||||||
|
def test_security_services_list_all_tenants_with_invalid_value(self):
|
||||||
|
req = fakes.HTTPRequest.blank(
|
||||||
|
'/security-services?all_tenants=nerd',
|
||||||
|
use_admin_context=True)
|
||||||
|
self.assertRaises(exception.InvalidInput, self.controller.index, req)
|
||||||
|
|
||||||
|
@mock.patch.object(db, 'security_service_get_all_by_project', mock.Mock())
|
||||||
|
def test_security_services_list_all_tenants_with_value_zero(self):
|
||||||
|
db.security_service_get_all_by_project.return_value = []
|
||||||
|
req = fakes.HTTPRequest.blank(
|
||||||
|
'/security-services?all_tenants=0',
|
||||||
|
use_admin_context=True)
|
||||||
|
res_dict = self.controller.index(req)
|
||||||
|
self.assertEqual({'security_services': []}, res_dict)
|
||||||
|
db.security_service_get_all_by_project.assert_called_once_with(
|
||||||
|
req.environ['manila.context'],
|
||||||
|
req.environ['manila.context'].project_id)
|
||||||
|
|
||||||
@mock.patch.object(db, 'security_service_get_all_by_project', mock.Mock())
|
@mock.patch.object(db, 'security_service_get_all_by_project', mock.Mock())
|
||||||
def test_security_services_list_admin_context_invalid_opts(self):
|
def test_security_services_list_admin_context_invalid_opts(self):
|
||||||
db.security_service_get_all_by_project.return_value = [
|
db.security_service_get_all_by_project.return_value = [
|
||||||
|
|||||||
@ -0,0 +1,8 @@
|
|||||||
|
---
|
||||||
|
fixes:
|
||||||
|
- |
|
||||||
|
The ``all_tenants`` query parameter in the security services API (GET
|
||||||
|
/v2/{project_id}/security-services) has been fixed to accept 'f',
|
||||||
|
'false', 'off', 'n', 'no', or '0'. Setting the flag to any of these values
|
||||||
|
will retrieve security services only from the requester's project
|
||||||
|
namespace.
|
||||||
Loading…
Reference in New Issue
Block a user