Merge "check for invalid hostnames on update_attributes"
@@ -142,12 +142,20 @@ class User(object):
|
|||||||
user_attrs):
|
user_attrs):
|
||||||
load_and_verify(context, instance_id)
|
load_and_verify(context, instance_id)
|
||||||
client = create_guest_client(context, instance_id)
|
client = create_guest_client(context, instance_id)
|
||||||
user_name = user_attrs.get('name')
|
|
||||||
host_name = user_attrs.get('host')
|
user_changed = user_attrs.get('name')
|
||||||
user = user_name or username
|
host_changed = user_attrs.get('host')
|
||||||
host = host_name or hostname
|
|
||||||
|
validate = guest_models.MySQLUser()
|
||||||
|
if host_changed:
|
||||||
|
validate.host = host_changed
|
||||||
|
if user_changed:
|
||||||
|
validate.name = user_changed
|
||||||
|
|
||||||
|
user = user_changed or username
|
||||||
|
host = host_changed or hostname
|
||||||
userhost = "%s@%s" % (user, host)
|
userhost = "%s@%s" % (user, host)
|
||||||
if user_name or host_name:
|
if user_changed or host_changed:
|
||||||
existing_users, _nadda = Users.load_with_client(
|
existing_users, _nadda = Users.load_with_client(
|
||||||
client,
|
client,
|
||||||
limit=1,
|
limit=1,
|
||||||
|
|||||||
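Review bot: The throwaway `validate = guest_models.MySQLUser()` object exists only for the side effect of its property setters, which is not obvious at the call site and is easy to remove by mistake in a later cleanup. A comment such as `# Assigning to MySQLUser.name/.host runs the model's validators; a rejected value raises before anything is sent to the guest.` would make the intent explicit, assuming the setters do raise on bad input. The checks also run only after `create_guest_client(context, instance_id)`, so a guest client is built for requests that are about to be rejected; moving the validation above that call would reject bad input earlier. If `user_attrs` can also carry a password, the visible lines do not pass it through this validator, which is worth confirming. `update_attributes` starts and continues outside the hunk.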
@@ -149,8 +149,11 @@ class UserController(wsgi.Controller):
|
|||||||
raise exception.BadRequest(msg=str(e))
|
raise exception.BadRequest(msg=str(e))
|
||||||
if not user:
|
if not user:
|
||||||
raise exception.UserNotFound(uuid=id)
|
raise exception.UserNotFound(uuid=id)
|
||||||
models.User.update_attributes(context, instance_id, username, hostname,
|
try:
|
||||||
user_attrs)
|
models.User.update_attributes(context, instance_id, username,
|
||||||
|
hostname, user_attrs)
|
||||||
|
except (ValueError, AttributeError) as e:
|
||||||
|
raise exception.BadRequest(msg=str(e))
|
||||||
return wsgi.Result(None, 202)
|
return wsgi.Result(None, 202)
|
||||||
|
|
||||||
def update_all(self, req, body, tenant_id, instance_id):
|
def update_all(self, req, body, tenant_id, instance_id):
|
||||||
|
|||||||
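Review bot: Catching `AttributeError` around the whole `models.User.update_attributes(...)` call turns any attribute bug inside the model or guest client into a 400 whose body is `str(e)`. That hides server-side faults from monitoring and echoes internal object names to the API caller. If the validators only raise `ValueError`, narrow the handler to `except ValueError as e:`. If `AttributeError` is needed to reject non-string input (not visible here), an explicit type check on the `name` and `host` values before the call would be a cleaner way to do it. The enclosing controller method starts outside the hunk.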
@@ -264,6 +264,28 @@ class TestUsers(object):
|
|||||||
self.dbaas.users.delete(instance_info.id, "testuser2",
|
self.dbaas.users.delete(instance_info.id, "testuser2",
|
||||||
hostname=hostname2)
|
hostname=hostname2)
|
||||||
|
|
||||||
|
@test()
|
||||||
|
def test_updateduser_newhost_invalid(self):
|
||||||
|
# Ensure invalid hostnames/usernames aren't allowed to enter the system
|
||||||
|
users = []
|
||||||
|
username = "testuser1"
|
||||||
|
hostname1 = "192.168.0.1"
|
||||||
|
users.append({"name": username, "password": "password",
|
||||||
|
"host": hostname1, "databases": []})
|
||||||
|
self.dbaas.users.create(instance_info.id, users)
|
||||||
|
hostname1 = hostname1.replace('.', '%2e')
|
||||||
|
assert_raises(exceptions.BadRequest,
|
||||||
|
self.dbaas.users.update_attributes, instance_info.id,
|
||||||
|
username, {"host": "badjuju"}, hostname1)
|
||||||
|
assert_equal(400, self.dbaas.last_http_code)
|
||||||
|
|
||||||
|
assert_raises(exceptions.BadRequest,
|
||||||
|
self.dbaas.users.update_attributes, instance_info.id,
|
||||||
|
username, {"name": " bad username "}, hostname1)
|
||||||
|
assert_equal(400, self.dbaas.last_http_code)
|
||||||
|
|
||||||
|
self.dbaas.users.delete(instance_info.id, username, hostname=hostname1)
|
||||||
|
|
||||||
@test()
|
@test()
|
||||||
def test_cannot_change_rootpassword(self):
|
def test_cannot_change_rootpassword(self):
|
||||||
# Cannot change password for a root user
|
# Cannot change password for a root user
|
||||||
|
|||||||
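Review bot: The cleanup `self.dbaas.users.delete(instance_info.id, username, hostname=hostname1)` at the end of `test_updateduser_newhost_invalid` is skipped when either `assert_raises` fails, leaving `testuser1` on the instance for later tests in the class. Running the two rejection checks inside `try:` with the delete in `finally:` avoids that. The test also checks only the 400 status and never confirms that the stored user still has its original name and host, which is what the comment `# Ensure invalid hostnames/usernames aren't allowed to enter the system` promises; reading the user back after the rejected updates and comparing would cover it. The name says `newhost` but the second case exercises an invalid username, so a name like `test_updateduser_invalid_attrs` would describe it better.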