Issue #24: Introduce app ownership validation in Runnable controller
Fixes: #24
parent
3bbe877b88
commit
262903983f
|
@ -139,9 +139,19 @@ class RunnableV1Controller(controller.ServiceController,
|
|||
"200":
|
||||
description: successful operation. Return "runnable" JSON
|
||||
"404":
|
||||
description: App does not exist
|
||||
description: App not found
|
||||
"404":
|
||||
description: App route does not exist
|
||||
description: App route not found
|
||||
"""
|
||||
app = request.match_info.get('app')
|
||||
project_id = request.match_info.get('project_id')
|
||||
|
||||
if not (await app_model.Apps.exists(app, project_id)):
|
||||
return web.json_response(data={
|
||||
"error": {
|
||||
"message": "App {0} not found".format(app),
|
||||
}
|
||||
}, status=404)
|
||||
|
||||
return await super(RunnableV1Controller,
|
||||
self).run(request, **kwargs)
|
||||
|
|
|
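Review bot: The ownership check in `run` looks the app up against `project_id` read from `request.match_info`, which is a caller-supplied URL segment, and nothing in this hunk ties that value to the authenticated identity. Unless middleware outside the hunk already rejects a path project that differs from the caller's own, `Apps.exists(app, project_id)` proves only that the app exists in the named project, not that the caller owns it. I would state that assumption above the lookup, e.g. `# project_id is the URL segment; auth middleware must already have bound it to the caller's project`, or take the project from the authenticated request context instead. Separately, the docstring's responses mapping lists the key `"404"` twice, so a YAML parser will likely keep only one of the two descriptions. The method starts above the hunk.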
@ -223,3 +223,13 @@ class AppRoutesTestSuite(object):
|
|||
)
|
||||
)
|
||||
self.assertEqual(403, status)
|
||||
|
||||
def fail_to_run_app_from_other_project(self):
|
||||
with setup_execute(self, "fail_to_run_app_"
|
||||
"from_other_project") as app_name:
|
||||
_, status = self.testloop.run_until_complete(
|
||||
self.other_test_client.routes.execute_public(
|
||||
app_name, self.route_data["path"]
|
||||
)
|
||||
)
|
||||
self.assertEqual(404, status)
|
||||
|
|
|
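Review bot: `fail_to_run_app_from_other_project` asserts only the 404 status and discards the response body, while the controller docstring on this page documents 404 for both a missing app and a missing route, so the test cannot tell the new ownership check apart from an unrelated routing failure. Keeping the body and asserting on the message would pin the cause, e.g. `body, status = self.testloop.run_until_complete(...)` followed by `self.assertIn(app_name, body["error"]["message"])`. That assumes `execute_public` returns the decoded JSON as its first element, which is not visible here. A companion assertion that the owning `self.test_client` can still execute the same route in the same setup would show that the 404 comes from the project mismatch.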
@ -74,12 +74,17 @@ class FunctionalTestsBase(base.PicassoTestsBase, testtools.TestCase):
|
|||
)
|
||||
|
||||
self.project_id = str(uuid.uuid4()).replace("-", "")
|
||||
self.other_project_id = str(uuid.uuid4()).replace("-", "")
|
||||
|
||||
self.test_client = client.ProjectBoundTestClient(
|
||||
self.testapp, self.project_id)
|
||||
self.other_test_client = client.ProjectBoundTestClient(
|
||||
self.testapp, self.other_project_id)
|
||||
|
||||
self.testloop.run_until_complete(self.test_client.start_server())
|
||||
super(FunctionalTestsBase, self).setUp()
|
||||
|
||||
def tearDown(self):
|
||||
self.testloop.run_until_complete(self.test_client.close())
|
||||
self.testloop.run_until_complete(self.other_test_client.close())
|
||||
super(FunctionalTestsBase, self).tearDown()
|
||||
|
|
|
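Review bot: `tearDown` closes `other_test_client`, but `setUp` only calls `start_server()` on `test_client`; whether closing a client that was never started is safe depends on `ProjectBoundTestClient`, which is outside this hunk. In addition, if `self.test_client.close()` raises, the second close and the parent `tearDown()` never run, so the other client's resources stay open for the rest of the test run. Registering each close right after the client is constructed, e.g. `self.addCleanup(lambda: self.testloop.run_until_complete(self.other_test_client.close()))`, would let them run independently. `setUp` begins above the hunk.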
@ -52,3 +52,7 @@ class TestAppRoutes(base.FunctionalTestsBase,
|
|||
|
||||
def test_fail_to_execute_private_route(self):
|
||||
super(TestAppRoutes, self).fail_to_execute_private_as_public()
|
||||
|
||||
def test_fail_to_run_app_from_other_project(self):
|
||||
super(TestAppRoutes,
|
||||
self).fail_to_run_app_from_other_project()
|
||||
|
|