From 07444203eca1c9c340e1f0b28ca3a57a9049c987 Mon Sep 17 00:00:00 2001 From: Sripriya Date: Thu, 7 Apr 2016 14:54:35 -0700 Subject: [PATCH] Do not display password in VIM command outputs This fix masks the password attr in vim response for vim-list, vim-show and vim-create commands. Change-Id: I9b38b45f292a11f4615f3dc8eff672a4206c4a4a Closes-Bug: #1567585 --- tackerclient/tacker/v1_0/__init__.py | 3 ++ tackerclient/tacker/v1_0/nfvo/vim.py | 6 +++- tackerclient/tests/unit/vm/test_cli10_vim.py | 35 ++++++++++++++++++++ 3 files changed, 43 insertions(+), 1 deletion(-) diff --git a/tackerclient/tacker/v1_0/__init__.py b/tackerclient/tacker/v1_0/__init__.py index f5179f92..053b9bdc 100644 --- a/tackerclient/tacker/v1_0/__init__.py +++ b/tackerclient/tacker/v1_0/__init__.py @@ -25,6 +25,7 @@ from cliff.formatters import table from cliff import lister from cliff import show from oslo_serialization import jsonutils +from oslo_utils import strutils import six from tackerclient.common._i18n import _ @@ -385,6 +386,8 @@ class TackerCommand(command.OpenStackCommand): def format_output_data(self, data): # Modify data to make it more readable if self.resource in data: + data[self.resource] = strutils.mask_dict_password( + data[self.resource]) for k, v in data[self.resource].iteritems(): if isinstance(v, list): value = '\n'.join(jsonutils.dumps( diff --git a/tackerclient/tacker/v1_0/nfvo/vim.py b/tackerclient/tacker/v1_0/nfvo/vim.py index 17d56fe8..c7847863 100644 --- a/tackerclient/tacker/v1_0/nfvo/vim.py +++ b/tackerclient/tacker/v1_0/nfvo/vim.py @@ -14,6 +14,7 @@ # License for the specific language governing permissions and limitations # under the License. +from oslo_utils import strutils import yaml from tackerclient.common import exceptions @@ -28,10 +29,13 @@ class ListVIM(tackerV10.ListCommand): """List VIMs that belong to a given tenant.""" resource = _VIM - list_columns = ['id', 'tenant_id', 'name', 'type', 'description', 'auth_url', 'placement_attr', 'auth_cred'] + def extend_list(self, data, parsed_args): + for index, value in enumerate(data): + data[index] = strutils.mask_dict_password(value) + class ShowVIM(tackerV10.ShowCommand): """Show information of a given VIM.""" diff --git a/tackerclient/tests/unit/vm/test_cli10_vim.py b/tackerclient/tests/unit/vm/test_cli10_vim.py index 987bc2e6..99de8530 100644 --- a/tackerclient/tests/unit/vm/test_cli10_vim.py +++ b/tackerclient/tests/unit/vm/test_cli10_vim.py @@ -16,6 +16,8 @@ import sys +import mox + from tackerclient.tacker.v1_0.nfvo import vim from tackerclient.tests.unit import test_cli10 @@ -76,6 +78,39 @@ class CLITestV10VIMJSON(test_cli10.CLITestV10Base): cmd = vim.ListVIM(test_cli10.MyApp(sys.stdout), None) self._test_list_resources(self._RESOURCES, cmd, True) + def _test_list_vims_extend(self, data, expected_data, args=['-f', 'json']): + resp_str = self.client.serialize({self._RESOURCES: data}) + resp = (test_cli10.MyResp(200), resp_str) + cmd = vim.ListVIM( + test_cli10.MyApp(sys.stdout), None) + self.mox.StubOutWithMock(cmd, "get_client") + self.mox.StubOutWithMock(self.client.httpclient, "request") + + cmd.get_client().MultipleTimes().AndReturn(self.client) + path = getattr(self.client, self._RESOURCES + '_path') + self.client.httpclient.request(test_cli10.MyUrlComparator( + test_cli10.end_url(path, format=self.format), self.client), + 'GET', body=None, headers=mox.ContainsKeyValue( + 'X-Auth-Token', test_cli10.TOKEN)).AndReturn(resp) + self.mox.ReplayAll() + cmd_parser = cmd.get_parser("list_" + self._RESOURCES) + parsed_args = cmd_parser.parse_args(args) + result = cmd.take_action(parsed_args) + res_data = [res for res in result[1]] + self.mox.VerifyAll() + self.mox.UnsetStubs() + for res, exp in zip(res_data, expected_data): + self.assertEqual(len(exp), len(res)) + self.assertEqual(exp, res) + + def test_list_vims_extend(self): + vim_data = [{'id': 'my_id1', 'auth_cred': {'password': + 'encrypted_pw'}}, {'id': 'my_id2', 'auth_cred': { + 'password': 'another_encrypted_pw'}}] + expected_data = [('my_id1', {'password': '***'}), + ('my_id2', {'password': '***'})] + self._test_list_vims_extend(vim_data, expected_data) + def test_show_vim_id(self): cmd = vim.ShowVIM(test_cli10.MyApp(sys.stdout), None) args = ['--fields', 'id', self.test_id]