Add check for bad parameter in policy-list
Adding check for the wrong parameters in the command for listing the policies i.e., policy-list. If the wrong parameter is passed with this command than it will raise the HTTPBadRequest exception with an error message 'Invalid parameter <param_name>' Change-Id: I45a20eb57ff753d83ae8a9710f7ff1ac7efa215e Closes-Bug: #1548435
This commit is contained in:
parent
3765532e81
commit
bba660c5cc
|
@ -41,6 +41,11 @@ class PolicyController(wsgi.Controller):
|
|||
consts.PARAM_SORT: 'single',
|
||||
consts.PARAM_GLOBAL_PROJECT: 'single',
|
||||
}
|
||||
for key in req.params.keys():
|
||||
if (key not in param_whitelist.keys() and key not in
|
||||
filter_whitelist.keys()):
|
||||
raise exc.HTTPBadRequest(_('Invalid parameter %s') % key)
|
||||
|
||||
params = util.get_allowed_params(req.params, param_whitelist)
|
||||
filters = util.get_allowed_params(req.params, filter_whitelist)
|
||||
|
||||
|
|
|
@ -79,7 +79,6 @@ class PolicyControllerTest(shared.ControllerTest, base.SenlinTestCase):
|
|||
'marker': 'fake marker',
|
||||
'sort': 'fake sorting string',
|
||||
'global_project': True,
|
||||
'balrog': 'you shall not pass!'
|
||||
}
|
||||
req = self._get('/policies', params=params)
|
||||
|
||||
|
@ -97,14 +96,27 @@ class PolicyControllerTest(shared.ControllerTest, base.SenlinTestCase):
|
|||
self.assertIn('sort', engine_args)
|
||||
self.assertIn('filters', engine_args)
|
||||
self.assertIn('project_safe', engine_args)
|
||||
self.assertNotIn('balrog', engine_args)
|
||||
|
||||
def test_policy_index_whitelist_bad_params(self, mock_enforce):
|
||||
self._mock_enforce_setup(mock_enforce, 'index', True)
|
||||
params = {
|
||||
'balrog': 'fake_value'
|
||||
}
|
||||
req = self._get('/policies', params=params)
|
||||
|
||||
mock_call = self.patchobject(rpc_client.EngineClient, 'call')
|
||||
mock_call.return_value = []
|
||||
|
||||
ex = self.assertRaises(exc.HTTPBadRequest,
|
||||
self.controller.index, req)
|
||||
self.assertEqual("Invalid parameter balrog", six.text_type(ex))
|
||||
self.assertFalse(mock_call.called)
|
||||
|
||||
def test_policy_index_whitelist_filter_params(self, mock_enforce):
|
||||
self._mock_enforce_setup(mock_enforce, 'index', True)
|
||||
params = {
|
||||
'type': 'some_type',
|
||||
'name': 'fake name',
|
||||
'balrog': 'you shall not pass!'
|
||||
}
|
||||
req = self._get('/policies', params=params)
|
||||
|
||||
|
@ -121,7 +133,20 @@ class PolicyControllerTest(shared.ControllerTest, base.SenlinTestCase):
|
|||
self.assertEqual(2, len(filters))
|
||||
self.assertIn('name', filters)
|
||||
self.assertIn('type', filters)
|
||||
self.assertNotIn('balrog', filters)
|
||||
|
||||
def test_policy_index_whitelist_filter_bad_params(self, mock_enforce):
|
||||
self._mock_enforce_setup(mock_enforce, 'index', True)
|
||||
params = {
|
||||
'balrog': 'fake_value'
|
||||
}
|
||||
req = self._get('/policies', params=params)
|
||||
|
||||
mock_call = self.patchobject(rpc_client.EngineClient, 'call')
|
||||
|
||||
ex = self.assertRaises(exc.HTTPBadRequest,
|
||||
self.controller.index, req)
|
||||
self.assertEqual("Invalid parameter balrog", six.text_type(ex))
|
||||
self.assertFalse(mock_call.called)
|
||||
|
||||
def test_policy_index_limit_non_int(self, mock_enforce):
|
||||
mock_call = self.patchobject(rpc_client.EngineClient, 'policy_list',
|
||||
|
|
Loading…
Reference in New Issue