Return node uuid with server for admins

Closes-Bug: #1696378 Change-Id: Iad874b8c1f641722a09c6d06691bb44ad390beef
2017-07-20 17:06:55 +08:00 · 2017-07-20 17:06:55 +08:00 · 12ddae115e
parent 94ea8f2f01
commit 12ddae115e
4 changed files with 21 additions and 2 deletions
--- a/api-ref/source/v1/parameters.yaml
+++ b/api-ref/source/v1/parameters.yaml
@ -459,6 +459,12 @@ nodes:
  in: body
  required: true
  type: dict
+node_uuid:
+  description: |
+    The UUID of the node which our server associated with. Only visible for admin users.
+  in: body
+  required: false
+  type: string
 personality:
  description: |
    The file path and contents, text only, to inject into the server at launch. The
--- a/api-ref/source/v1/servers.inc
+++ b/api-ref/source/v1/servers.inc
@ -258,6 +258,7 @@ Response
  - image_uuid: imageRef
  - availability_zone: availability_zone
  - nics: nics
+  - node_uuid: node_uuid
  - links: links
  - uuid: server_uuid
  - status: server_status
--- a/mogan/api/controllers/v1/servers.py
+++ b/mogan/api/controllers/v1/servers.py
@ -448,6 +448,9 @@ class Server(base.APIBase):
    fault_info = {wtypes.text: types.jsontype}
    """The fault info of the server"""

+    node_uuid = types.uuid
+    """The node UUID of the server"""
+
    def __init__(self, **kwargs):
        super(Server, self).__init__(**kwargs)
        self.fields = []
@ -463,6 +466,11 @@ class Server(base.APIBase):
                    if fault_info is not None:
                        fault_info = fault_info.return_dict()
                        setattr(self, 'fault_info', fault_info)
+            if field == 'node_uuid':
+                if not pecan.request.context.is_admin:
+                    setattr(self, field, wtypes.Unset)
+                    continue
+
            # Skip fields we do not expose.
            if not hasattr(self, field):
                continue
--- a/mogan/tests/unit/api/v1/test_server.py
+++ b/mogan/tests/unit/api/v1/test_server.py
@ -122,13 +122,17 @@ class TestServerAuthorization(v1_test.APITestV1):
        # not admin but the owner
        self.context.tenant = self.server1.project_id
        headers = self.gen_headers(self.context, roles="no-admin")
-        self.get_json('/servers/%s' % self.server1.uuid, headers=headers)
+        resp = self.get_json('/servers/%s' % self.server1.uuid,
+                             headers=headers)
+        self.assertNotIn('node_uuid', resp)

    def test_server_get_one_by_admin(self):
        # when the evil tenant is admin, he can do everything.
        self.context.tenant = self.evil_project
        headers = self.gen_headers(self.context, roles="admin")
-        self.get_json('/servers/%s' % self.server1.uuid, headers=headers)
+        resp = self.get_json('/servers/%s' % self.server1.uuid,
+                             headers=headers)
+        self.assertIn('node_uuid', resp)

    def test_server_get_one_unauthorized(self):
        # not admin and not the owner