Merge "Don't add tenant_id to all resources during create request"
This commit is contained in:
Zuul
Gerrit Code Review
commit
de6852c60d
@ -237,6 +237,11 @@ class AttributeInfo(object):
|
||||
"Reason: %(reason)s.") % msg_dict
|
||||
raise exc_cls(msg)
|
||||
|
||||
def _project_id_required(self, res_dict):
|
||||
return (('tenant_id' in self.attributes or
|
||||
'project_id' in self.attributes) and
|
||||
'project_id' not in res_dict)
|
||||
|
||||
def populate_project_id(self, context, res_dict, is_create):
|
||||
"""Populate the owner information in a request body.
|
||||
|
||||
@ -256,14 +261,14 @@ class AttributeInfo(object):
|
||||
populate_project_info(res_dict)
|
||||
_validate_privileges(context, res_dict)
|
||||
|
||||
if is_create and 'project_id' not in res_dict:
|
||||
if is_create and self._project_id_required(res_dict):
|
||||
if context.project_id:
|
||||
res_dict['project_id'] = context.project_id
|
||||
|
||||
# For backward compatibility
|
||||
res_dict['tenant_id'] = context.project_id
|
||||
|
||||
elif 'tenant_id' in self.attributes:
|
||||
else:
|
||||
msg = _("Running without keystone AuthN requires "
|
||||
"that tenant_id is specified")
|
||||
raise exc.HTTPBadRequest(msg)
|
||||
|
||||
@ -47,11 +47,6 @@ RESOURCE_ATTRIBUTE_MAP = {
|
||||
{'type:service_plugin_type': None},
|
||||
'is_filter': True, 'is_sort_key': True,
|
||||
'is_visible': True},
|
||||
'tenant_id': {'allow_post': True, 'allow_put': False,
|
||||
'required_by_policy': True,
|
||||
'validate': {
|
||||
'type:string': db_const.PROJECT_ID_FIELD_SIZE},
|
||||
'is_visible': True},
|
||||
'service_profiles': {'allow_post': True, 'allow_put': True,
|
||||
'validate': {'type:uuid_list': None},
|
||||
'is_visible': True, 'default': []},
|
||||
@ -78,11 +73,6 @@ RESOURCE_ATTRIBUTE_MAP = {
|
||||
'metainfo': {'allow_post': True, 'allow_put': True,
|
||||
'is_visible': True, 'is_sort_key': True,
|
||||
'default': ''},
|
||||
'tenant_id': {'allow_post': True, 'allow_put': False,
|
||||
'required_by_policy': True,
|
||||
'validate': {
|
||||
'type:string': db_const.PROJECT_ID_FIELD_SIZE},
|
||||
'is_visible': True},
|
||||
'enabled': {'allow_post': True, 'allow_put': True,
|
||||
'convert_to': converters.convert_to_boolean_if_not_none,
|
||||
'is_filter': True, 'is_sort_key': True,
|
||||
@ -101,26 +91,14 @@ SUB_RESOURCE_ATTRIBUTE_MAP = {
|
||||
'is_visible': True},
|
||||
'metainfo': {'allow_post': False,
|
||||
'allow_put': False,
|
||||
'is_visible': True},
|
||||
'tenant_id': {'allow_post': True, 'allow_put': False,
|
||||
'required_by_policy': True,
|
||||
'validate': {
|
||||
'type:string':
|
||||
db_const.PROJECT_ID_FIELD_SIZE},
|
||||
'is_visible': True}}
|
||||
'is_visible': True}}
|
||||
},
|
||||
SERVICE_PROFILES: {
|
||||
'parent': {'collection_name': FLAVORS,
|
||||
'member_name': FLAVOR},
|
||||
'parameters': {'id': {'allow_post': True, 'allow_put': False,
|
||||
'validate': {'type:uuid': None},
|
||||
'is_visible': True},
|
||||
'tenant_id': {'allow_post': True, 'allow_put': False,
|
||||
'required_by_policy': True,
|
||||
'validate': {
|
||||
'type:string':
|
||||
db_const.PROJECT_ID_FIELD_SIZE},
|
||||
'is_visible': True}}
|
||||
'is_visible': True}}
|
||||
}
|
||||
}
|
||||
ACTION_MAP = {}
|
||||
|
||||
@ -35,11 +35,6 @@ _QOS_RULE_COMMON_FIELDS = {
|
||||
'is_filter': True,
|
||||
'is_sort_key': True,
|
||||
'primary_key': True
|
||||
},
|
||||
'tenant_id': {
|
||||
'allow_post': True, 'allow_put': False,
|
||||
'required_by_policy': True,
|
||||
'is_visible': True
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -214,10 +214,11 @@ class TestAttributeInfo(base.BaseTestCase):
|
||||
def test_populate_project_id_from_context(self):
|
||||
tenant_id = uuidutils.generate_uuid()
|
||||
ctx = context.Context(user_id=None, tenant_id=tenant_id)
|
||||
# for each create request, the tenant_id should be added to the
|
||||
# req body
|
||||
# for each create request, for the resources which require tenant_id,
|
||||
# it should be added to the req body
|
||||
res_dict = {}
|
||||
attr_inst = attributes.AttributeInfo({})
|
||||
attr_inst = attributes.AttributeInfo(
|
||||
{'tenant_id': {'allow_post': True}})
|
||||
attr_inst.populate_project_id(ctx, res_dict, is_create=True)
|
||||
self.assertEqual(
|
||||
{'tenant_id': ctx.tenant_id, 'project_id': ctx.tenant_id},
|
||||
@ -244,6 +245,7 @@ class TestAttributeInfo(base.BaseTestCase):
|
||||
attr_inst = attributes.AttributeInfo({})
|
||||
ctx.tenant_id = None
|
||||
attr_inst.populate_project_id(ctx, res_dict, True)
|
||||
self.assertEqual({'name': 'test_port'}, res_dict)
|
||||
|
||||
def test_verify_attributes_null(self):
|
||||
attributes.AttributeInfo({}).verify_attributes({})
|
||||
|
||||
@ -0,0 +1,8 @@
|
||||
---
|
||||
other:
|
||||
- |
|
||||
API resources which do not really have ``project_id`` associated with them,
|
||||
because either it belongs to the project to which their parent belongs (``QoS
|
||||
rules``) or does not belong to any project (``flavor`` and ``service
|
||||
profile``), do not accept ``project_id`` nor ``tenant_id`` to be sent in the
|
||||
body of the POST or PUT request.
|
||||
Loading…
Reference in New Issue
Block a user