Ensures that keypair names are only AlphaNumeric.

Throws a 400 error if keypair contains any unsafe characters.

Safe characters are '_', '-', digits, and string.ascii_letters.

Added test_keypair_create_with_non_alphanumeric_name.

Fixes bug 937408.

Change-Id: If9b1393ee8f36113d2fa8a3b97ca526cc2e6ccf1
Justin Shepherd 2012-02-26 22:23:30 -06:00 committed by Brian Waldon
parent f38281d60c
commit c8b0a9a3be
2 changed files with 24 additions and 0 deletions


@ -17,6 +17,8 @@
""" Keypair management extension"""
import string
import webob
import webob.exc
@ -61,6 +63,13 @@ class KeypairController(object):
'public_key': public_key,
'fingerprint': fingerprint}
def _validate_keypair_name(self, value):
safechars = "_-" + string.digits + string.ascii_letters
clean_value = "".join(x for x in value if x in safechars)
if clean_value != value:
msg = _("Keypair name contains unsafe characters")
raise webob.exc.HTTPBadRequest(explanation=msg)
@wsgi.serializers(xml=KeypairTemplate)
def create(self, req, body):
"""
@ -80,6 +89,7 @@ class KeypairController(object):
authorize(context)
params = body['keypair']
name = params['name']
self._validate_keypair_name(name)
if not 0 < len(name) < 256:
msg = _('Keypair name must be between 1 and 255 characters long')
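Review bot: `_validate_keypair_name` assumes `value` is a string, but `create` passes it `params['name']` straight from the request body, so a JSON number or null there would raise TypeError inside the generator instead of producing the 400 this commit intends (the `len(name)` check that follows has the same weakness). A guard at the top of the helper, `if not isinstance(value, basestring):` raising the same `HTTPBadRequest`, would keep malformed input on the 400 path. The helper also has no docstring; `"""Raise HTTPBadRequest unless value contains only '_', '-', ASCII digits and ASCII letters."""` would record the allow-list where it is enforced. The check lives only in this controller, so any other code path that creates keypairs (none is visible in this diff) would need the same validation; enforcing it where the keypair is persisted would cover them all.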


@ -107,6 +107,20 @@ class KeypairsTest(test.TestCase):
res = req.get_response(fakes.wsgi_app())
self.assertEqual(res.status_int, 400)
def test_keypair_create_with_non_alphanumeric_name(self):
body = {
'keypair': {
'name': 'test/keypair'
}
}
req = webob.Request.blank('/v2/fake/os-keypairs')
req.method = 'POST'
req.body = json.dumps(body)
req.headers['Content-Type'] = 'application/json'
res = req.get_response(fakes.wsgi_app())
res_dict = json.loads(res.body)
self.assertEqual(res.status_int, 400)
def test_keypair_import(self):
body = {
'keypair': {
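Review bot: In `test_keypair_create_with_non_alphanumeric_name`, `res_dict = json.loads(res.body)` is assigned and never used; either drop it or assert on the returned explanation, so the test proves the 400 comes from the name check rather than from some other validation failure. The test exercises only `/`. Cases for whitespace, a non-ASCII character, and a name built solely from allowed characters including `_` and `-` (expecting success) would pin the allow-list from both sides. `test_keypair_import` continues past the end of the hunk.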