Merge "Validate rule uuids provided for update_policy"
This commit is contained in:
commit
9f1bdec5fa
@ -243,6 +243,7 @@ RESOURCE_ATTRIBUTE_MAP = {
|
||||
'is_visible': True, 'required_by_policy': True,
|
||||
'enforce_policy': True},
|
||||
'firewall_rules': {'allow_post': True, 'allow_put': True,
|
||||
'validate': {'type:uuid_list': None},
|
||||
'convert_to': attr.convert_none_to_empty_list,
|
||||
'default': None, 'is_visible': True},
|
||||
'audited': {'allow_post': True, 'allow_put': True,
|
||||
|
@ -29,6 +29,7 @@ from neutron.db.firewall import firewall_db as fdb
|
||||
import neutron.extensions
|
||||
from neutron.extensions import firewall
|
||||
from neutron.openstack.common import importutils
|
||||
from neutron.openstack.common import uuidutils
|
||||
from neutron.plugins.common import constants
|
||||
from neutron.tests.unit import test_db_plugin
|
||||
|
||||
@ -477,7 +478,8 @@ class TestFirewallDBPlugin(FirewallPluginDbTestCase):
|
||||
self.firewall_rule(name='fwr2',
|
||||
no_delete=True)) as fr:
|
||||
fw_rule_ids = [r['firewall_rule']['id'] for r in fr]
|
||||
fw_rule_ids.append('12345') # non-existent rule
|
||||
# appending non-existent rule
|
||||
fw_rule_ids.append(uuidutils.generate_uuid())
|
||||
data = {'firewall_policy':
|
||||
{'firewall_rules': fw_rule_ids}}
|
||||
req = self.new_update_request('firewall_policies', data,
|
||||
|
@ -378,6 +378,17 @@ class FirewallExtensionTestCase(testlib_api.WebTestCase):
|
||||
self.assertIn('firewall_policy', res)
|
||||
self.assertEqual(res['firewall_policy'], return_value)
|
||||
|
||||
def test_firewall_policy_update_malformed_rules(self):
|
||||
# emulating client request when no rule uuids are provided for
|
||||
# --firewall_rules parameter
|
||||
update_data = {'firewall_policy': {'firewall_rules': True}}
|
||||
# have to check for generic AppError
|
||||
self.assertRaises(
|
||||
webtest.AppError,
|
||||
self.api.put,
|
||||
_get_path('fw/firewall_policies', id=_uuid(), fmt=self.fmt),
|
||||
self.serialize(update_data))
|
||||
|
||||
def test_firewall_policy_delete(self):
|
||||
self._test_entity_delete('firewall_policy')
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user