Merge "Remove db layer hard-code permission checks for network_create_safe"
This commit is contained in:
commit
79b88416ae
|
@ -141,6 +141,9 @@ class NetworkController(wsgi.Controller):
|
|||
def create(self, req, body):
|
||||
context = req.environ['nova.context']
|
||||
authorize(context)
|
||||
# NOTE(shaohe-feng): back-compatible with db layer hard-code
|
||||
# admin permission checks. call db API objects.Network.create
|
||||
nova_context.require_admin_context(context)
|
||||
|
||||
def bad(e):
|
||||
return exc.HTTPBadRequest(explanation=e)
|
||||
|
|
|
@ -2785,7 +2785,6 @@ def network_count_reserved_ips(context, network_id):
|
|||
count()
|
||||
|
||||
|
||||
@require_admin_context
|
||||
def network_create_safe(context, values):
|
||||
network_ref = models.Network()
|
||||
network_ref['uuid'] = str(uuid.uuid4())
|
||||
|
|
|
@ -250,9 +250,9 @@ class NetworkCreateExceptionsTestV21(test.TestCase):
|
|||
fakes.stub_out_networking(self.stubs)
|
||||
fakes.stub_out_rate_limiting(self.stubs)
|
||||
self.new_network = copy.deepcopy(NEW_NETWORK)
|
||||
self.req = fakes.HTTPRequest.blank('')
|
||||
|
||||
def _setup(self):
|
||||
self.req = fakes.HTTPRequest.blank('')
|
||||
self.controller = networks_v21.NetworkController(self.PassthroughAPI())
|
||||
|
||||
def test_network_create_bad_vlan(self):
|
||||
|
@ -314,6 +314,7 @@ class NetworkCreateExceptionsTestV2(NetworkCreateExceptionsTestV21):
|
|||
def _setup(self):
|
||||
ext_mgr = extensions.ExtensionManager()
|
||||
ext_mgr.extensions = {'os-extended-networks': 'fake'}
|
||||
self.req = fakes.HTTPRequest.blank('', use_admin_context=True)
|
||||
|
||||
self.controller = networks.NetworkController(
|
||||
self.PassthroughAPI(), ext_mgr)
|
||||
|
@ -534,6 +535,12 @@ class NetworksTestV2(NetworksTestV21):
|
|||
self.controller.add,
|
||||
self.non_admin_req, body={'id': uuid})
|
||||
|
||||
def test_network_create_with_non_admin(self):
|
||||
self.assertRaises(
|
||||
exception.AdminRequired,
|
||||
self.controller.create,
|
||||
self.non_admin_req, body=self.new_network)
|
||||
|
||||
|
||||
class NetworksAssociateTestV21(test.NoDBTestCase):
|
||||
|
||||
|
|
|
@ -257,6 +257,10 @@ class TenantNetworksTestV2(TenantNetworksTestV21):
|
|||
ctrlr = networks.NetworkController
|
||||
validation_error = webob.exc.HTTPBadRequest
|
||||
|
||||
def setUp(self):
|
||||
super(TenantNetworksTestV2, self).setUp()
|
||||
self.req = fakes.HTTPRequest.blank('', use_admin_context=True)
|
||||
|
||||
def test_network_create_empty_body(self):
|
||||
self.assertRaises(webob.exc.HTTPUnprocessableEntity,
|
||||
self.controller.create, self.req, {})
|
||||
|
|
Loading…
Reference in New Issue