Ensures that keypair names are only AlphaNumeric.
Throws a 400 error if keypair contains any unsafe characters. Safe characters are '_-', digits, and ascii_leters. Added test_keypair_create_with_non_alphanumeric_name. Fixes bug 937408. Change-Id: If9b1393ee8f36113d2fa8a3b97ca526cc2e6ccf1
This commit is contained in:
parent
f38281d60c
commit
c8b0a9a3be
|
@ -17,6 +17,8 @@
|
||||||
|
|
||||||
""" Keypair management extension"""
|
""" Keypair management extension"""
|
||||||
|
|
||||||
|
import string
|
||||||
|
|
||||||
import webob
|
import webob
|
||||||
import webob.exc
|
import webob.exc
|
||||||
|
|
||||||
|
@ -61,6 +63,13 @@ class KeypairController(object):
|
||||||
'public_key': public_key,
|
'public_key': public_key,
|
||||||
'fingerprint': fingerprint}
|
'fingerprint': fingerprint}
|
||||||
|
|
||||||
|
def _validate_keypair_name(self, value):
|
||||||
|
safechars = "_-" + string.digits + string.ascii_letters
|
||||||
|
clean_value = "".join(x for x in value if x in safechars)
|
||||||
|
if clean_value != value:
|
||||||
|
msg = _("Keypair name contains unsafe characters")
|
||||||
|
raise webob.exc.HTTPBadRequest(explanation=msg)
|
||||||
|
|
||||||
@wsgi.serializers(xml=KeypairTemplate)
|
@wsgi.serializers(xml=KeypairTemplate)
|
||||||
def create(self, req, body):
|
def create(self, req, body):
|
||||||
"""
|
"""
|
||||||
|
@ -80,6 +89,7 @@ class KeypairController(object):
|
||||||
authorize(context)
|
authorize(context)
|
||||||
params = body['keypair']
|
params = body['keypair']
|
||||||
name = params['name']
|
name = params['name']
|
||||||
|
self._validate_keypair_name(name)
|
||||||
|
|
||||||
if not 0 < len(name) < 256:
|
if not 0 < len(name) < 256:
|
||||||
msg = _('Keypair name must be between 1 and 255 characters long')
|
msg = _('Keypair name must be between 1 and 255 characters long')
|
||||||
|
|
|
@ -107,6 +107,20 @@ class KeypairsTest(test.TestCase):
|
||||||
res = req.get_response(fakes.wsgi_app())
|
res = req.get_response(fakes.wsgi_app())
|
||||||
self.assertEqual(res.status_int, 400)
|
self.assertEqual(res.status_int, 400)
|
||||||
|
|
||||||
|
def test_keypair_create_with_non_alphanumeric_name(self):
|
||||||
|
body = {
|
||||||
|
'keypair': {
|
||||||
|
'name': 'test/keypair'
|
||||||
|
}
|
||||||
|
}
|
||||||
|
req = webob.Request.blank('/v2/fake/os-keypairs')
|
||||||
|
req.method = 'POST'
|
||||||
|
req.body = json.dumps(body)
|
||||||
|
req.headers['Content-Type'] = 'application/json'
|
||||||
|
res = req.get_response(fakes.wsgi_app())
|
||||||
|
res_dict = json.loads(res.body)
|
||||||
|
self.assertEqual(res.status_int, 400)
|
||||||
|
|
||||||
def test_keypair_import(self):
|
def test_keypair_import(self):
|
||||||
body = {
|
body = {
|
||||||
'keypair': {
|
'keypair': {
|
||||||
|
|
Loading…
Reference in New Issue