Browse Source

APIv2 - Fix 500 on malformed query string on

In order to improve return information to clients we are adding a check
to verify parameters before each call and return a more appropriate
message to the users.

Change-Id: I9923601d0903e415a3fe30bec9bdc8fc34b91ff6
Story: #2004506
Task: #28228
tags/10.0.0.0b1
Telles Nobrega 6 months ago
parent
commit
7105a891c2

+ 6
- 0
sahara/api/v2/cluster_templates.py View File

@@ -29,6 +29,7 @@ rest = u.RestV2('cluster-templates', __name__)
29 29
 @v.check_exists(api.get_cluster_template, 'marker')
30 30
 @v.validate(None, v.validate_pagination_limit,
31 31
             v.validate_sorting_cluster_templates)
32
+@v.validate_request_params(['plugin_name', 'hadoop_version', 'name'])
32 33
 def cluster_templates_list():
33 34
     result = api.get_cluster_templates(**u.get_request_args().to_dict())
34 35
     for ct in result:
@@ -40,6 +41,7 @@ def cluster_templates_list():
40 41
 @acl.enforce("data-processing:cluster-templates:create")
41 42
 @v.validate(ct_schema.CLUSTER_TEMPLATE_SCHEMA_V2,
42 43
             v_ct.check_cluster_template_create)
44
+@v.validate_request_params([])
43 45
 def cluster_templates_create(data):
44 46
     # renaming hadoop_version -> plugin_version
45 47
     # this can be removed once APIv1 is deprecated
@@ -53,6 +55,7 @@ def cluster_templates_create(data):
53 55
 @rest.get('/cluster-templates/<cluster_template_id>')
54 56
 @acl.enforce("data-processing:cluster-templates:get")
55 57
 @v.check_exists(api.get_cluster_template, 'cluster_template_id')
58
+@v.validate_request_params([])
56 59
 def cluster_templates_get(cluster_template_id):
57 60
     result = u.to_wrapped_dict_no_render(
58 61
         api.get_cluster_template, cluster_template_id)
@@ -65,6 +68,7 @@ def cluster_templates_get(cluster_template_id):
65 68
 @v.check_exists(api.get_cluster_template, 'cluster_template_id')
66 69
 @v.validate(ct_schema.CLUSTER_TEMPLATE_UPDATE_SCHEMA_V2,
67 70
             v_ct.check_cluster_template_update)
71
+@v.validate_request_params([])
68 72
 def cluster_templates_update(cluster_template_id, data):
69 73
     if data.get('plugin_version', None):
70 74
         data['hadoop_version'] = data['plugin_version']
@@ -79,6 +83,7 @@ def cluster_templates_update(cluster_template_id, data):
79 83
 @acl.enforce("data-processing:cluster-templates:delete")
80 84
 @v.check_exists(api.get_cluster_template, 'cluster_template_id')
81 85
 @v.validate(None, v_ct.check_cluster_template_usage)
86
+@v.validate_request_params([])
82 87
 def cluster_templates_delete(cluster_template_id):
83 88
     api.terminate_cluster_template(cluster_template_id)
84 89
     return u.render()
@@ -97,6 +102,7 @@ def _cluster_template_export_helper(template):
97 102
 @rest.get('/cluster-templates/<cluster_template_id>/export')
98 103
 @acl.enforce("data-processing:cluster-templates:get")
99 104
 @v.check_exists(api.get_cluster_template, 'cluster_template_id')
105
+@v.validate_request_params([])
100 106
 def cluster_template_export(cluster_template_id):
101 107
     content = u.to_wrapped_dict_no_render(
102 108
         api.export_cluster_template, cluster_template_id)

+ 6
- 0
sahara/api/v2/clusters.py View File

@@ -31,6 +31,7 @@ rest = u.RestV2('clusters', __name__)
31 31
 @acl.enforce("data-processing:clusters:get_all")
32 32
 @v.check_exists(api.get_cluster, 'marker')
33 33
 @v.validate(None, v.validate_pagination_limit)
34
+@v.validate_request_params(['plugin_name', 'hadoop_version', 'name'])
34 35
 def clusters_list():
35 36
     result = api.get_clusters(**u.get_request_args().to_dict())
36 37
     for c in result:
@@ -42,6 +43,7 @@ def clusters_list():
42 43
 @acl.enforce("data-processing:clusters:create")
43 44
 @v.validate(v_c_schema.CLUSTER_SCHEMA_V2,
44 45
             v_c.check_one_or_multiple_clusters_create)
46
+@v.validate_request_params([])
45 47
 def clusters_create(data):
46 48
     # renaming hadoop_version -> plugin_version
47 49
     # this can be removed once APIv1 is deprecated
@@ -62,6 +64,7 @@ def clusters_create(data):
62 64
 @acl.enforce("data-processing:clusters:scale")
63 65
 @v.check_exists(api.get_cluster, 'cluster_id')
64 66
 @v.validate(v_c_schema.CLUSTER_SCALING_SCHEMA_V2, v_c_s.check_cluster_scaling)
67
+@v.validate_request_params([])
65 68
 def clusters_scale(cluster_id, data):
66 69
     result = u.to_wrapped_dict_no_render(
67 70
         api.scale_cluster, cluster_id, data)
@@ -72,6 +75,7 @@ def clusters_scale(cluster_id, data):
72 75
 @rest.get('/clusters/<cluster_id>')
73 76
 @acl.enforce("data-processing:clusters:get")
74 77
 @v.check_exists(api.get_cluster, 'cluster_id')
78
+@v.validate_request_params([])
75 79
 def clusters_get(cluster_id):
76 80
     data = u.get_request_args()
77 81
     show_events = six.text_type(
@@ -86,6 +90,7 @@ def clusters_get(cluster_id):
86 90
 @acl.enforce("data-processing:clusters:modify")
87 91
 @v.check_exists(api.get_cluster, 'cluster_id')
88 92
 @v.validate(v_c_schema.CLUSTER_UPDATE_SCHEMA, v_c.check_cluster_update)
93
+@v.validate_request_params([])
89 94
 def clusters_update(cluster_id, data):
90 95
     result = u.to_wrapped_dict_no_render(
91 96
         api.update_cluster, cluster_id, data)
@@ -97,6 +102,7 @@ def clusters_update(cluster_id, data):
97 102
 @acl.enforce("data-processing:clusters:delete")
98 103
 @v.check_exists(api.get_cluster, 'cluster_id')
99 104
 @v.validate(v_c_schema.CLUSTER_DELETE_SCHEMA_V2, v_c.check_cluster_delete)
105
+@v.validate_request_params([])
100 106
 def clusters_delete(cluster_id):
101 107
     data = u.request_data()
102 108
     force = data.get('force', False)

+ 5
- 0
sahara/api/v2/data_sources.py View File

@@ -29,6 +29,7 @@ rest = u.RestV2('data-sources', __name__)
29 29
 @v.check_exists(api.get_data_source, 'marker')
30 30
 @v.validate(None, v.validate_pagination_limit,
31 31
             v.validate_sorting_data_sources)
32
+@v.validate_request_params(['type'])
32 33
 def data_sources_list():
33 34
     result = api.get_data_sources(**u.get_request_args().to_dict())
34 35
     return u.render(res=result, name='data_sources')
@@ -37,6 +38,7 @@ def data_sources_list():
37 38
 @rest.post('/data-sources')
38 39
 @acl.enforce("data-processing:data-sources:register")
39 40
 @v.validate(v_d_s_schema.DATA_SOURCE_SCHEMA, v_d_s.check_data_source_create)
41
+@v.validate_request_params([])
40 42
 def data_source_register(data):
41 43
     return u.render(api.register_data_source(data).to_wrapped_dict())
42 44
 
@@ -44,6 +46,7 @@ def data_source_register(data):
44 46
 @rest.get('/data-sources/<data_source_id>')
45 47
 @acl.enforce("data-processing:data-sources:get")
46 48
 @v.check_exists(api.get_data_source, 'data_source_id')
49
+@v.validate_request_params([])
47 50
 def data_source_get(data_source_id):
48 51
     return u.to_wrapped_dict(api.get_data_source, data_source_id)
49 52
 
@@ -51,6 +54,7 @@ def data_source_get(data_source_id):
51 54
 @rest.delete('/data-sources/<data_source_id>')
52 55
 @acl.enforce("data-processing:data-sources:delete")
53 56
 @v.check_exists(api.get_data_source, 'data_source_id')
57
+@v.validate_request_params([])
54 58
 def data_source_delete(data_source_id):
55 59
     api.delete_data_source(data_source_id)
56 60
     return u.render()
@@ -60,5 +64,6 @@ def data_source_delete(data_source_id):
60 64
 @acl.enforce("data-processing:data-sources:modify")
61 65
 @v.check_exists(api.get_data_source, 'data_source_id')
62 66
 @v.validate(v_d_s_schema.DATA_SOURCE_UPDATE_SCHEMA)
67
+@v.validate_request_params([])
63 68
 def data_source_update(data_source_id, data):
64 69
     return u.to_wrapped_dict(api.data_source_update, data_source_id, data)

+ 7
- 0
sahara/api/v2/images.py View File

@@ -25,6 +25,7 @@ rest = u.RestV2('images', __name__)
25 25
 
26 26
 @rest.get('/images')
27 27
 @acl.enforce("data-processing:images:get_all")
28
+@v.validate_request_params(['name', 'tags', 'username'])
28 29
 def images_list():
29 30
     tags = u.get_request_args().getlist('tags')
30 31
     name = u.get_request_args().get('name', None)
@@ -34,6 +35,7 @@ def images_list():
34 35
 @rest.get('/images/<image_id>')
35 36
 @acl.enforce("data-processing:images:get")
36 37
 @v.check_exists(api.get_image, id='image_id')
38
+@v.validate_request_params([])
37 39
 def images_get(image_id):
38 40
     return u.render(api.get_registered_image(id=image_id).wrapped_dict)
39 41
 
@@ -42,6 +44,7 @@ def images_get(image_id):
42 44
 @acl.enforce("data-processing:images:register")
43 45
 @v.check_exists(api.get_image, id='image_id')
44 46
 @v.validate(v_images.image_register_schema, v_images.check_image_register)
47
+@v.validate_request_params([])
45 48
 def images_set(image_id, data):
46 49
     return u.render(api.register_image(image_id, **data).wrapped_dict)
47 50
 
@@ -49,6 +52,7 @@ def images_set(image_id, data):
49 52
 @rest.delete('/images/<image_id>')
50 53
 @acl.enforce("data-processing:images:unregister")
51 54
 @v.check_exists(api.get_image, id='image_id')
55
+@v.validate_request_params([])
52 56
 def images_unset(image_id):
53 57
     api.unregister_image(image_id)
54 58
     return u.render()
@@ -57,6 +61,7 @@ def images_unset(image_id):
57 61
 @rest.get('/images/<image_id>/tags')
58 62
 @acl.enforce("data-processing:images:get_tags")
59 63
 @v.check_exists(api.get_image, id='image_id')
64
+@v.validate_request_params([])
60 65
 def image_tags_get(image_id):
61 66
     return u.render(api.get_image_tags(image_id))
62 67
 
@@ -65,6 +70,7 @@ def image_tags_get(image_id):
65 70
 @acl.enforce("data-processing:images:set_tags")
66 71
 @v.check_exists(api.get_image, id='image_id')
67 72
 @v.validate(v_images.image_tags_schema, v_images.check_tags)
73
+@v.validate_request_params([])
68 74
 def image_tags_update(image_id, data):
69 75
     return u.render(api.set_image_tags(image_id, **data).wrapped_dict)
70 76
 
@@ -72,6 +78,7 @@ def image_tags_update(image_id, data):
72 78
 @rest.delete('/images/<image_id>/tags')
73 79
 @acl.enforce("data-processing:images:remove_tags")
74 80
 @v.check_exists(api.get_image, id='image_id')
81
+@v.validate_request_params([])
75 82
 def image_tags_delete(image_id):
76 83
     api.remove_image_tags(image_id)
77 84
     return u.render()

+ 6
- 0
sahara/api/v2/job_binaries.py View File

@@ -27,6 +27,7 @@ rest = u.RestV2('job-binaries', __name__)
27 27
 @rest.post('/job-binaries')
28 28
 @acl.enforce("data-processing:job-binaries:create")
29 29
 @v.validate(v_j_b_schema.JOB_BINARY_SCHEMA, v_j_b.check_job_binary)
30
+@v.validate_request_params([])
30 31
 def job_binary_create(data):
31 32
     return u.render(api.create_job_binary(data).to_wrapped_dict())
32 33
 
@@ -36,6 +37,7 @@ def job_binary_create(data):
36 37
 @v.check_exists(api.get_job_binary, 'marker')
37 38
 @v.validate(None, v.validate_pagination_limit,
38 39
             v.validate_sorting_job_binaries)
40
+@v.validate_request_params(['name'])
39 41
 def job_binary_list():
40 42
     result = api.get_job_binaries(**u.get_request_args().to_dict())
41 43
     return u.render(res=result, name='binaries')
@@ -44,6 +46,7 @@ def job_binary_list():
44 46
 @rest.get('/job-binaries/<job_binary_id>')
45 47
 @acl.enforce("data-processing:job-binaries:get")
46 48
 @v.check_exists(api.get_job_binary, 'job_binary_id')
49
+@v.validate_request_params([])
47 50
 def job_binary_get(job_binary_id):
48 51
     return u.to_wrapped_dict(api.get_job_binary, job_binary_id)
49 52
 
@@ -51,6 +54,7 @@ def job_binary_get(job_binary_id):
51 54
 @rest.delete('/job-binaries/<job_binary_id>')
52 55
 @acl.enforce("data-processing:job-binaries:delete")
53 56
 @v.check_exists(api.get_job_binary, id='job_binary_id')
57
+@v.validate_request_params([])
54 58
 def job_binary_delete(job_binary_id):
55 59
     api.delete_job_binary(job_binary_id)
56 60
     return u.render()
@@ -59,6 +63,7 @@ def job_binary_delete(job_binary_id):
59 63
 @rest.get('/job-binaries/<job_binary_id>/data')
60 64
 @acl.enforce("data-processing:job-binaries:get_data")
61 65
 @v.check_exists(api.get_job_binary, 'job_binary_id')
66
+@v.validate_request_params([])
62 67
 def job_binary_data(job_binary_id):
63 68
     data = api.get_job_binary_data(job_binary_id)
64 69
     if type(data) == dict:
@@ -69,6 +74,7 @@ def job_binary_data(job_binary_id):
69 74
 @rest.patch('/job-binaries/<job_binary_id>')
70 75
 @acl.enforce("data-processing:job-binaries:modify")
71 76
 @v.validate(v_j_b_schema.JOB_BINARY_UPDATE_SCHEMA, v_j_b.check_job_binary)
77
+@v.validate_request_params([])
72 78
 def job_binary_update(job_binary_id, data):
73 79
     return u.render(api.update_job_binary(job_binary_id,
74 80
                                           data).to_wrapped_dict())

+ 6
- 0
sahara/api/v2/job_templates.py View File

@@ -29,6 +29,7 @@ rest = u.RestV2('job-templates', __name__)
29 29
 @v.check_exists(api.get_job_templates, 'marker')
30 30
 @v.validate(None, v.validate_pagination_limit,
31 31
             v.validate_sorting_jobs)
32
+@v.validate_request_params(['type', 'name'])
32 33
 def job_templates_list():
33 34
     result = api.get_job_templates(**u.get_request_args().to_dict())
34 35
     return u.render(res=result, name='job_templates')
@@ -37,6 +38,7 @@ def job_templates_list():
37 38
 @rest.post('/job-templates')
38 39
 @acl.enforce("data-processing:job-templates:create")
39 40
 @v.validate(v_j_schema.JOB_SCHEMA, v_j.check_mains_libs, v_j.check_interface)
41
+@v.validate_request_params([])
40 42
 def job_templates_create(data):
41 43
     return u.render({'job_template': api.create_job_template(data).to_dict()})
42 44
 
@@ -44,6 +46,7 @@ def job_templates_create(data):
44 46
 @rest.get('/job-templates/<job_templates_id>')
45 47
 @acl.enforce("data-processing:job-templates:get")
46 48
 @v.check_exists(api.get_job_templates, id='job_templates_id')
49
+@v.validate_request_params([])
47 50
 def job_templates_get(job_templates_id):
48 51
     return u.render({'job_template': api.get_job_template(
49 52
         job_templates_id).to_dict()})
@@ -53,6 +56,7 @@ def job_templates_get(job_templates_id):
53 56
 @acl.enforce("data-processing:jobs:modify")
54 57
 @v.check_exists(api.get_job_templates, id='job_templates_id')
55 58
 @v.validate(v_j_schema.JOB_UPDATE_SCHEMA)
59
+@v.validate_request_params([])
56 60
 def job_templates_update(job_templates_id, data):
57 61
     return u.render({'job_template': api.update_job_template(
58 62
         job_templates_id, data).to_dict()})
@@ -61,6 +65,7 @@ def job_templates_update(job_templates_id, data):
61 65
 @rest.delete('/job-templates/<job_templates_id>')
62 66
 @acl.enforce("data-processing:jobs:delete")
63 67
 @v.check_exists(api.get_job_templates, id='job_templates_id')
68
+@v.validate_request_params([])
64 69
 def job_templates_delete(job_templates_id):
65 70
     api.delete_job_template(job_templates_id)
66 71
     return u.render()
@@ -69,5 +74,6 @@ def job_templates_delete(job_templates_id):
69 74
 @rest.get('/job-templates/config-hints/<job_type>')
70 75
 @acl.enforce("data-processing:jobs:get_config_hints")
71 76
 @v.check_exists(api.get_job_config_hints, job_type='job_type')
77
+@v.validate_request_params([])
72 78
 def job_config_hints_get(job_type):
73 79
     return u.render(api.get_job_config_hints(job_type))

+ 2
- 0
sahara/api/v2/job_types.py View File

@@ -15,6 +15,7 @@
15 15
 
16 16
 from sahara.api import acl
17 17
 from sahara.service.api.v2 import job_types as api
18
+from sahara.service import validation as v
18 19
 import sahara.utils.api as u
19 20
 
20 21
 
@@ -23,6 +24,7 @@ rest = u.RestV2('job-types', __name__)
23 24
 
24 25
 @rest.get('/job-types')
25 26
 @acl.enforce("data-processing:job-types:get_all")
27
+@v.validate_request_params(['type', 'plugin_name', 'hadoop_version'])
26 28
 def job_types_get():
27 29
     # We want to use flat=False with to_dict() so that
28 30
     # the value of each arg is given as a list. This supports

+ 5
- 0
sahara/api/v2/jobs.py View File

@@ -31,6 +31,7 @@ rest = u.RestV2('jobs', __name__)
31 31
 @v.check_exists(api.get_job_execution, 'marker')
32 32
 @v.validate(None, v.validate_pagination_limit,
33 33
             v.validate_sorting_job_executions)
34
+@v.validate_request_params(['status'])
34 35
 def jobs_list():
35 36
     result = api.job_execution_list(**u.get_request_args().to_dict())
36 37
     # APIv2: renaming oozie_job_id -> engine_job_id
@@ -44,6 +45,7 @@ def jobs_list():
44 45
 @rest.post('/jobs')
45 46
 @acl.enforce("data-processing:jobs:execute")
46 47
 @v.validate(v_j_e_schema.JOB_EXEC_SCHEMA_V2, v_j_e.check_job_execution)
48
+@v.validate_request_params([])
47 49
 def jobs_execute(data):
48 50
     result = {'job': api.execute_job(data)}
49 51
     dict.update(result['job'],
@@ -55,6 +57,7 @@ def jobs_execute(data):
55 57
 @rest.get('/jobs/<job_id>')
56 58
 @acl.enforce("data-processing:job-executions:get")
57 59
 @v.check_exists(api.get_job_execution, id='job_id')
60
+@v.validate_request_params([])
58 61
 def jobs_get(job_id):
59 62
     data = u.get_request_args()
60 63
     refresh_status = six.text_type(
@@ -69,6 +72,7 @@ def jobs_get(job_id):
69 72
 @v.check_exists(api.get_job_execution, id='job_id')
70 73
 @v.validate(
71 74
     v_j_e_schema.JOB_EXEC_UPDATE_SCHEMA, v_j_e.check_job_execution_update)
75
+@v.validate_request_params([])
72 76
 def jobs_update(job_id, data):
73 77
     result = {'job': api.update_job_execution(job_id, data)}
74 78
     result['job'].pop('oozie_job_id', force=True)
@@ -79,6 +83,7 @@ def jobs_update(job_id, data):
79 83
 @acl.enforce("data-processing:job-executions:delete")
80 84
 @v.check_exists(api.get_job_execution, id='job_id')
81 85
 @v.validate(None, v_j_e.check_job_execution_delete)
86
+@v.validate_request_params([])
82 87
 def jobs_delete(job_id):
83 88
     api.delete_job_execution(job_id)
84 89
     return u.render()

+ 6
- 0
sahara/api/v2/node_group_templates.py View File

@@ -30,6 +30,7 @@ rest = u.RestV2('node-group-templates', __name__)
30 30
 @v.check_exists(api.get_node_group_template, 'marker')
31 31
 @v.validate(None, v.validate_pagination_limit,
32 32
             v.validate_sorting_node_group_templates)
33
+@v.validate_request_params(['plugin_name', 'hadoop_version', 'name'])
33 34
 def node_group_templates_list():
34 35
     result = api.get_node_group_templates(**u.get_request_args().to_dict())
35 36
     for ngt in result:
@@ -41,6 +42,7 @@ def node_group_templates_list():
41 42
 @acl.enforce("data-processing:node-group-templates:create")
42 43
 @v.validate(ngt_schema.NODE_GROUP_TEMPLATE_SCHEMA_V2,
43 44
             v_ngt.check_node_group_template_create)
45
+@v.validate_request_params([])
44 46
 def node_group_templates_create(data):
45 47
     # renaming hadoop_version -> plugin_version
46 48
     # this can be removed once APIv1 is deprecated
@@ -54,6 +56,7 @@ def node_group_templates_create(data):
54 56
 @rest.get('/node-group-templates/<node_group_template_id>')
55 57
 @acl.enforce("data-processing:node-group-templates:get")
56 58
 @v.check_exists(api.get_node_group_template, 'node_group_template_id')
59
+@v.validate_request_params([])
57 60
 def node_group_templates_get(node_group_template_id):
58 61
     result = u.to_wrapped_dict_no_render(
59 62
         api.get_node_group_template, node_group_template_id)
@@ -66,6 +69,7 @@ def node_group_templates_get(node_group_template_id):
66 69
 @v.check_exists(api.get_node_group_template, 'node_group_template_id')
67 70
 @v.validate(ngt_schema.NODE_GROUP_TEMPLATE_UPDATE_SCHEMA_V2,
68 71
             v_ngt.check_node_group_template_update)
72
+@v.validate_request_params([])
69 73
 def node_group_templates_update(node_group_template_id, data):
70 74
     if data.get('plugin_version', None):
71 75
         data['hadoop_version'] = data['plugin_version']
@@ -80,6 +84,7 @@ def node_group_templates_update(node_group_template_id, data):
80 84
 @acl.enforce("data-processing:node-group-templates:delete")
81 85
 @v.check_exists(api.get_node_group_template, 'node_group_template_id')
82 86
 @v.validate(None, v_ngt.check_node_group_template_usage)
87
+@v.validate_request_params([])
83 88
 def node_group_templates_delete(node_group_template_id):
84 89
     api.terminate_node_group_template(node_group_template_id)
85 90
     return u.render()
@@ -100,6 +105,7 @@ def _node_group_template_export_helper(template):
100 105
 @rest.get('/node-group-templates/<node_group_template_id>/export')
101 106
 @acl.enforce("data-processing:node-group-templates:get")
102 107
 @v.check_exists(api.get_node_group_template, 'node_group_template_id')
108
+@v.validate_request_params([])
103 109
 def node_group_template_export(node_group_template_id):
104 110
     content = u.to_wrapped_dict_no_render(
105 111
         api.export_node_group_template, node_group_template_id)

+ 4
- 0
sahara/api/v2/plugins.py View File

@@ -25,6 +25,7 @@ rest = u.RestV2('plugins', __name__)
25 25
 
26 26
 @rest.get('/plugins')
27 27
 @acl.enforce("data-processing:plugins:get_all")
28
+@v.validate_request_params([])
28 29
 def plugins_list():
29 30
     return u.render(plugins=[p.dict for p in api.get_plugins()])
30 31
 
@@ -32,6 +33,7 @@ def plugins_list():
32 33
 @rest.get('/plugins/<plugin_name>')
33 34
 @acl.enforce("data-processing:plugins:get")
34 35
 @v.check_exists(api.get_plugin, plugin_name='plugin_name')
36
+@v.validate_request_params([])
35 37
 def plugins_get(plugin_name):
36 38
     return u.render(api.get_plugin(plugin_name).wrapped_dict)
37 39
 
@@ -39,6 +41,7 @@ def plugins_get(plugin_name):
39 41
 @rest.get('/plugins/<plugin_name>/<version>')
40 42
 @acl.enforce("data-processing:plugins:get_version")
41 43
 @v.check_exists(api.get_plugin, plugin_name='plugin_name', version='version')
44
+@v.validate_request_params([])
42 45
 def plugins_get_version(plugin_name, version):
43 46
     return u.render(api.get_plugin(plugin_name, version).wrapped_dict)
44 47
 
@@ -47,5 +50,6 @@ def plugins_get_version(plugin_name, version):
47 50
 @acl.enforce("data-processing:plugins:patch")
48 51
 @v.check_exists(api.get_plugin, plugin_name='plugin_name')
49 52
 @v.validate(v_p.plugin_update_validation_jsonschema(), v_p.check_plugin_update)
53
+@v.validate_request_params([])
50 54
 def plugins_update(plugin_name, data):
51 55
     return u.render(api.update_plugin(plugin_name, data).wrapped_dict)

+ 19
- 0
sahara/service/validation.py View File

@@ -198,3 +198,22 @@ def check_exists(get_func, *id_prop, **get_args):
198 198
         return handler
199 199
 
200 200
     return decorator
201
+
202
+
203
+def validate_request_params(supported_params):
204
+    def decorator(func):
205
+        @functools.wraps(func)
206
+        def handler(*args, **kwargs):
207
+            pagination_params = ['marker', 'limit', 'sort_by']
208
+            func_name = func.__name__
209
+            params = u.get_request_args()
210
+            for param in params.keys():
211
+                if (param not in supported_params and
212
+                        param not in pagination_params):
213
+                    return u.invalid_param_error(
214
+                        400,
215
+                        'The only valid params for %s are %s and %s' % (
216
+                            func_name, supported_params, pagination_params))
217
+            return func(*args, **kwargs)
218
+        return handler
219
+    return decorator

+ 12
- 0
sahara/utils/api.py View File

@@ -288,6 +288,18 @@ def render_error_message(error_code, error_message, error_name):
288 288
     return resp
289 289
 
290 290
 
291
+def invalid_param_error(status_code, descr, exc=None):
292
+    LOG.error("Request aborted with status code {code} and "
293
+              "message '{message}'".format(code=status_code, message=descr))
294
+
295
+    if exc is not None:
296
+        LOG.error(traceback.format_exc())
297
+
298
+    error_code = "INVALID_PARAMS_ON_REQUEST"
299
+
300
+    return render_error_message(status_code, descr, error_code)
301
+
302
+
291 303
 def internal_error(status_code, descr, exc=None):
292 304
     LOG.error("Request aborted with status code {code} and "
293 305
               "message '{message}'".format(code=status_code, message=descr))

Loading…
Cancel
Save