Added validations

- Empty events list - Missing content-type or wrong content-type - Empty body Change-Id: I5848dd018aee6b9d95bff7be52eece0ac97b2a49 Story: 2003955 Task: 27036
2018-10-10 11:12:07 +02:00 · 2018-10-10 11:12:07 +02:00 · 8c0ddb4f4d
commit 8c0ddb4f4d
parent 3c5e504ede
9 changed files with 103 additions and 100 deletions
--- a/etc/monasca/events-api-paste.ini
+++ b/etc/monasca/events-api-paste.ini
@ -22,7 +22,7 @@ use = egg:Paste#urlmap
 /healthcheck: events_healthcheck
 [pipeline:events_api_v1]
-pipeline = error_trap request_id auth sizelimit middleware api_v1_app
+pipeline = error_trap request_id auth sizelimit api_v1_app
 [pipeline:events_version]
 pipeline = error_trap  versionapp
@ -48,9 +48,6 @@ paste.filter_factory = oslo_middleware.catch_errors:CatchErrors.factory
 [filter:request_id]
 paste.filter_factory = oslo_middleware.request_id:RequestId.factory
 [filter:middleware]
 paste.filter_factory = monasca_events_api.middleware.validation_middleware:ValidationMiddleware.factory
 [filter:sizelimit]
 use = egg:oslo.middleware#sizelimit
--- a/monasca_events_api/app/controller/v1/body_validation.py
+++ b/monasca_events_api/app/controller/v1/body_validation.py
@ -14,8 +14,12 @@
 import six
 from falcon import HTTPUnprocessableEntity
 from oslo_log import log
 from voluptuous import All
 from voluptuous import Any
 from voluptuous import Length
 from voluptuous import MultipleInvalid
 from voluptuous import Required
 from voluptuous import Schema
@ -23,7 +27,8 @@ from voluptuous import Schema
 LOG = log.getLogger(__name__)
-default_schema = Schema({Required("events"): Any(list, dict),
+default_schema = Schema({Required("events"): All(Any(list, dict),
                         Length(min=1)),
                         Required("timestamp"): six.text_type})
@ -33,7 +38,10 @@ def validate_body(request_body):
     Method validate if body contain all required fields,
     and check if all value have correct type.
    :param request_body: body
    """
    try:
        default_schema(request_body)
    except MultipleInvalid as ex:
        LOG.exception(ex)
        raise HTTPUnprocessableEntity(description=ex.error_message)
--- a/monasca_events_api/app/controller/v1/events.py
+++ b/monasca_events_api/app/controller/v1/events.py
@ -13,13 +13,12 @@
 # under the License.
 import falcon
 from oslo_log import log
 from voluptuous import MultipleInvalid
 from monasca_events_api.app.common import helpers
 from monasca_events_api.app.controller.v1 import body_validation
 from monasca_events_api.app.controller.v1 import bulk_processor
 from monasca_events_api.app.core.model import prepare_message_to_sent
 from oslo_log import log
 LOG = log.getLogger(__name__)
@ -51,6 +50,7 @@ class Events(object):
        policy_action = 'events_api:agent_required'
        try:
            req.validate(self.SUPPORTED_CONTENT_TYPES)
            request_body = helpers.read_json_msg_body(req)
            req.can(policy_action)
            project_id = req.project_id
@ -58,14 +58,22 @@ class Events(object):
            messages = prepare_message_to_sent(request_body)
            self._processor.send_message(messages, event_project_id=project_id)
            res.status = falcon.HTTP_200
-        except MultipleInvalid as ex:
+        except falcon.HTTPUnprocessableEntity as ex:
            LOG.error('Entire bulk package was rejected, unsupported body')
            LOG.exception(ex)
-            res.status = falcon.HTTP_422
+            raise ex
        except falcon.HTTPUnsupportedMediaType as ex:
            LOG.error('Entire bulk package was rejected, '
                      'unsupported media type')
            LOG.exception(ex)
            raise ex
        except Exception as ex:
            LOG.error('Entire bulk package was rejected')
            LOG.exception(ex)
-            res.status = falcon.HTTP_400
+            _title = ex.title if hasattr(ex, 'title') else None
            _descr = ex.description if hasattr(ex, 'description') else None
            raise falcon.HTTPError(falcon.HTTP_400,
                                   title=_title, description=_descr)
    @property
    def version(self):
--- a/monasca_events_api/app/core/request.py
+++ b/monasca_events_api/app/core/request.py
@ -17,6 +17,7 @@ from monasca_common.policy import policy_engine as policy
 from oslo_log import log
 from monasca_events_api.app.core import request_contex
 from monasca_events_api.app.core import validation
 from monasca_events_api import policies
 LOG = log.getLogger(__name__)
@ -38,5 +39,19 @@ class Request(falcon.Request):
        self.is_admin = policy.check_is_admin(self.context)
        self.project_id = self.context.project_id
    def validate(self, content_types):
        """Performs common request validation
        Validation checklist (in that order):
        * :py:func:`validation.validate_content_type`
        :param content_types: allowed content-types handler supports
        :type content_types: list
        :raises Exception: if any of the validation fails
        """
        validation.validate_content_type(self, content_types)
    def can(self, action, target=None):
        return self.context.can(action, target)
--- a/monasca_events_api/middleware/validation_middleware.py
+++ b/monasca_events_api/middleware/validation_middleware.py
@ -1,4 +1,4 @@
-# Copyright 2017 FUJITSU LIMITED
+# Copyright 2018 FUJITSU LIMITED
 #
 # Licensed under the Apache License, Version 2.0 (the "License"); you may
 # not use this file except in compliance with the License. You may obtain
@ -14,54 +14,37 @@
 import falcon
 from oslo_log import log
 from oslo_middleware import base
 from monasca_events_api import config
 CONF = config.CONF
 LOG = log.getLogger(__name__)
 SUPPORTED_CONTENT_TYPES = ('application/json',)
 def validate_content_type(req, allowed):
    """Validates content type.
-def _validate_content_type(req):
+    Method validates request against correct
-    """Validate content type.
+    content type.
-    Function validates request against correct content type.
+    If content-type cannot be established (i.e. header is missing),
    If Content-Type cannot be established (i.e. header is missing),
    :py:class:`falcon.HTTPMissingHeader` is thrown.
-    If Content-Type is not **application/json**(supported contents
+    If content-type is not **application/json** or **text/plain**,
    types are define in SUPPORTED_CONTENT_TYPES variable),
    :py:class:`falcon.HTTPUnsupportedMediaType` is thrown.
    :param falcon.Request req: current request
    :param iterable allowed: allowed content type
    :exception: :py:class:`falcon.HTTPMissingHeader`
    :exception: :py:class:`falcon.HTTPUnsupportedMediaType`
    """
    content_type = req.content_type
-    LOG.debug('Content-type is {0}'.format(content_type))
+
    LOG.debug('Content-Type is %s', content_type)
    if content_type is None or len(content_type) == 0:
        raise falcon.HTTPMissingHeader('Content-Type')
-    if content_type not in SUPPORTED_CONTENT_TYPES:
+    if content_type not in allowed:
-        types = ','.join(SUPPORTED_CONTENT_TYPES)
+        sup_types = ', '.join(allowed)
-        details = ('Only [{0}] are accepted as events representation'.
+        details = ('Only [%s] are accepted as logs representations'
-                   format(types))
+                   % str(sup_types))
        raise falcon.HTTPUnsupportedMediaType(description=details)
 class ValidationMiddleware(base.ConfigurableMiddleware):
    """Middleware that validates request content.
    """
    @staticmethod
    def process_request(req):
        _validate_content_type(req)
        return
--- a/monasca_events_api/middleware/init.py
+++ b/monasca_events_api/middleware/init.py
--- a/monasca_events_api/tests/unit/test_body_validation.py
+++ b/monasca_events_api/tests/unit/test_body_validation.py
@ -12,7 +12,7 @@
 # License for the specific language governing permissions and limitations
 # under the License.
-from voluptuous import MultipleInvalid
+from falcon.errors import HTTPUnprocessableEntity
 from monasca_events_api.app.controller.v1.body_validation import validate_body
 from monasca_events_api.tests.unit import base
@ -22,26 +22,36 @@ class TestBodyValidation(base.BaseTestCase):
    def test_missing_events_filed(self):
        body = {'timestamp': '2012-10-29T13:42:11Z+0200'}
-        self.assertRaises(MultipleInvalid, validate_body, body)
+        self.assertRaises(HTTPUnprocessableEntity, validate_body, body)
    def test_missing_timestamp_field(self):
-        body = {'events': []}
+        body = {'events': [{'event': {'payload': 'test'}}]}
-        self.assertRaises(MultipleInvalid, validate_body, body)
+        self.assertRaises(HTTPUnprocessableEntity, validate_body, body)
    def test_empty_events_as_list(self):
        body = {'events': [], 'timestamp': u'2012-10-29T13:42:11Z+0200'}
        self.assertRaises(HTTPUnprocessableEntity, validate_body, body)
    def test_empty_events_as_dict(self):
        body = {'events': {}, 'timestamp': u'2012-10-29T13:42:11Z+0200'}
        self.assertRaises(HTTPUnprocessableEntity, validate_body, body)
    def test_empty_body(self):
        body = {}
-        self.assertRaises(MultipleInvalid, validate_body, body)
+        self.assertRaises(HTTPUnprocessableEntity, validate_body, body)
    def test_incorrect_timestamp_type(self):
        body = {'events': [], 'timestamp': 9000}
-        self.assertRaises(MultipleInvalid, validate_body, body)
+        self.assertRaises(HTTPUnprocessableEntity, validate_body, body)
    def test_incorrect_events_type(self):
        body = {'events': 'over9000', 'timestamp': '2012-10-29T13:42:11Z+0200'}
-        self.assertRaises(MultipleInvalid, validate_body, body)
+        self.assertRaises(HTTPUnprocessableEntity, validate_body, body)
    def test_correct_body(self):
-        body = [{'events': [], 'timestamp': u'2012-10-29T13:42:11Z+0200'},
+        body = [{'events': [{'event': {'payload': 'test'}}],
-                {'events': {}, 'timestamp': u'2012-10-29T13:42:11Z+0200'}]
+                 'timestamp': u'2012-10-29T13:42:11Z+0200'},
                {'events': {'event': {'payload': 'test'}},
                 'timestamp': u'2012-10-29T13:42:11Z+0200'}]
        for b in body:
            validate_body(b)
--- a/monasca_events_api/tests/unit/test_events_v1.py
+++ b/monasca_events_api/tests/unit/test_events_v1.py
@ -125,6 +125,35 @@ class TestEventsApi(base.BaseApiTestCase):
        )
        self.assertEqual(falcon.HTTP_422, self.srmock.status)
    def test_should_fail_missing_content_type(self, bulk_processor):
        events_resource = _init_resource(self)
        events_resource._processor = bulk_processor
        body = {'timestamp': '2012-10-29T13:42:11Z+0200'}
        self.simulate_request(
            path=ENDPOINT,
            method='POST',
            headers={
                'X_ROLES': 'monasca-user'
            },
            body=json.dumps(body)
        )
        self.assertEqual(falcon.HTTP_400, self.srmock.status)
    def test_should_fail_wrong_content_type(self, bulk_processor):
        events_resource = _init_resource(self)
        events_resource._processor = bulk_processor
        body = {'timestamp': '2012-10-29T13:42:11Z+0200'}
        self.simulate_request(
            path=ENDPOINT,
            method='POST',
            headers={
                'Content-Type': 'text/plain',
                'X_ROLES': 'monasca-user'
            },
            body=json.dumps(body)
        )
        self.assertEqual(falcon.HTTP_415, self.srmock.status)
 class TestApiEventsVersion(base.BaseApiTestCase):
    @mock.patch('monasca_events_api.app.controller.v1.'
--- a/monasca_events_api/tests/unit/test_validation_middleware.py
+++ b/monasca_events_api/tests/unit/test_validation_middleware.py
@ -1,47 +0,0 @@
 # Copyright 2017 FUJITSU LIMITED
 #
 # Licensed under the Apache License, Version 2.0 (the "License"); you may
 # not use this file except in compliance with the License. You may obtain
 # a copy of the License at
 #
 #      http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 # License for the specific language governing permissions and limitations
 # under the License.
 import falcon
 from monasca_events_api.middleware import validation_middleware as vm
 from monasca_events_api.tests.unit import base
 class FakeRequest(object):
    def __init__(self, content=None, length=0):
        self.content_type = content if content else None
        self.content_length = (length if length is not None and length > 0
                               else None)
 class TestValidation(base.BaseTestCase):
    def setUp(self):
        super(TestValidation, self).setUp()
    def test_should_validate_right_content_type(self):
        req = FakeRequest('application/json')
        vm._validate_content_type(req)
    def test_should_fail_missing_content_type(self):
        req = FakeRequest()
        self.assertRaises(falcon.HTTPMissingHeader,
                          vm._validate_content_type,
                          req)
    def test_should_fail_unsupported_content_type(self):
        req = FakeRequest('test/plain')
        self.assertRaises(falcon.HTTPUnsupportedMediaType,
                          vm._validate_content_type,
                          req)