def test_populate_tenant_id(self): tenant_id_1 = uuidutils.generate_uuid() tenant_id_2 = uuidutils.generate_uuid() # apart from the admin, nobody can create a res on behalf of another # tenant ctx = context.Context(user_id=None, tenant_id=tenant_id_1) res_dict = {'tenant_id': tenant_id_2} self.assertRaises(webob.exc.HTTPBadRequest, attributes.populate_tenant_id, ctx, res_dict, None, None) ctx.is_admin = True self.assertIsNone(attributes.populate_tenant_id(ctx, res_dict, None, None)) # for each create request, the tenant_id should be added to the # req body res_dict2 = {} attributes.populate_tenant_id(ctx, res_dict2, None, True) self.assertEqual( {'tenant_id': ctx.tenant_id, 'project_id': ctx.tenant_id}, res_dict2) # if the tenant_id is mandatory for the resource and not specified # in the request nor in the context, an exception should be raised res_dict3 = {} attr_info = {'tenant_id': {'allow_post': True}, } ctx.tenant_id = None self.assertRaises(webob.exc.HTTPBadRequest, attributes.populate_tenant_id, ctx, res_dict3, attr_info, True)
def test_populate_tenant_id(self): tenant_id_1 = uuidutils.generate_uuid() tenant_id_2 = uuidutils.generate_uuid() # apart from the admin, nobody can create a res on behalf of another # tenant ctx = context.Context(user_id=None, tenant_id=tenant_id_1) res_dict = {'tenant_id': tenant_id_2} self.assertRaises(webob.exc.HTTPBadRequest, attributes.populate_tenant_id, ctx, res_dict, None, None) ctx.is_admin = True self.assertIsNone(attributes.populate_tenant_id(ctx, res_dict, None, None)) # for each create request, the tenant_id should be added to the # req body res_dict2 = {} attributes.populate_tenant_id(ctx, res_dict2, None, True) self.assertEqual({'tenant_id': ctx.tenant_id}, res_dict2) # if the tenant_id is mandatory for the resource and not specified # in the request nor in the context, an exception should be raised res_dict3 = {} attr_info = {'tenant_id': {'allow_post': True}, } ctx.tenant_id = None self.assertRaises(webob.exc.HTTPBadRequest, attributes.populate_tenant_id, ctx, res_dict3, attr_info, True)
def prepare_request_body(context, body, is_create, resource, attr_info, allow_bulk=False): """Verifies required attributes are in request body. Also checking that an attribute is only specified if it is allowed for the given operation (create/update). Attribute with default values are considered to be optional. body argument must be the deserialized body. """ collection = resource + "s" if not body: raise webob.exc.HTTPBadRequest(_("Resource body required")) LOG.debug("Request body: %(body)s", {'body': strutils.mask_password(body)}) try: if collection in body: if not allow_bulk: raise webob.exc.HTTPBadRequest( _("Bulk operation " "not supported")) if not body[collection]: raise webob.exc.HTTPBadRequest(_("Resources required")) bulk_body = [ Controller.prepare_request_body( context, item if resource in item else {resource: item}, is_create, resource, attr_info, allow_bulk) for item in body[collection] ] return {collection: bulk_body} res_dict = body.get(resource) except (AttributeError, TypeError): msg = _("Body contains invalid data") raise webob.exc.HTTPBadRequest(msg) if res_dict is None: msg = _("Unable to find '%s' in request body") % resource raise webob.exc.HTTPBadRequest(msg) attributes.populate_tenant_id(context, res_dict, attr_info, is_create) attributes.verify_attributes(res_dict, attr_info) if is_create: # POST attributes.fill_default_value(attr_info, res_dict, webob.exc.HTTPBadRequest) else: # PUT for attr, attr_vals in six.iteritems(attr_info): if attr in res_dict and not attr_vals['allow_put']: msg = _("Cannot update read-only attribute %s") % attr raise webob.exc.HTTPBadRequest(msg) attributes.convert_value(attr_info, res_dict, webob.exc.HTTPBadRequest) return body
def prepare_request_body(context, body, is_create, resource, attr_info, allow_bulk=False): """Verifies required attributes are in request body. Also checking that an attribute is only specified if it is allowed for the given operation (create/update). Attribute with default values are considered to be optional. body argument must be the deserialized body. """ collection = resource + "s" if not body: raise webob.exc.HTTPBadRequest(_("Resource body required")) LOG.debug("Request body: %(body)s", {"body": body}) try: if collection in body: if not allow_bulk: raise webob.exc.HTTPBadRequest(_("Bulk operation " "not supported")) if not body[collection]: raise webob.exc.HTTPBadRequest(_("Resources required")) bulk_body = [ Controller.prepare_request_body( context, item if resource in item else {resource: item}, is_create, resource, attr_info, allow_bulk, ) for item in body[collection] ] return {collection: bulk_body} res_dict = body.get(resource) except (AttributeError, TypeError): msg = _("Body contains invalid data") raise webob.exc.HTTPBadRequest(msg) if res_dict is None: msg = _("Unable to find '%s' in request body") % resource raise webob.exc.HTTPBadRequest(msg) attributes.populate_tenant_id(context, res_dict, attr_info, is_create) attributes.verify_attributes(res_dict, attr_info) if is_create: # POST attributes.fill_default_value(attr_info, res_dict, webob.exc.HTTPBadRequest) else: # PUT for attr, attr_vals in six.iteritems(attr_info): if attr in res_dict and not attr_vals["allow_put"]: msg = _("Cannot update read-only attribute %s") % attr raise webob.exc.HTTPBadRequest(msg) attributes.convert_value(attr_info, res_dict, webob.exc.HTTPBadRequest) return body
def _fixup_res_dict(context, attr_name, res_dict, check_allow_post=True): attr_info = attributes.RESOURCE_ATTRIBUTE_MAP[attr_name] try: attributes.populate_tenant_id(context, res_dict, attr_info, True) attributes.verify_attributes(res_dict, attr_info) except webob.exc.HTTPBadRequest as e: # convert webob exception into ValueError as these functions are # for internal use. webob exception doesn't make sense. raise ValueError(e.detail) attributes.fill_default_value(attr_info, res_dict, check_allow_post=check_allow_post) attributes.convert_value(attr_info, res_dict) return res_dict
def _fixup_res_dict(context, attr_name, res_dict, check_allow_post=True): # This method is a replacement of _fixup_res_dict which is used in # neutron.plugin.common.utils. All this mock does is insert a uuid # for the id field if one is not found ONLY if running in api_replay_mode. if cfg.CONF.api_replay_mode and 'id' not in res_dict: res_dict['id'] = uuidutils.generate_uuid() attr_info = attributes.RESOURCE_ATTRIBUTE_MAP[attr_name] try: attributes.populate_tenant_id(context, res_dict, attr_info, True) attributes.verify_attributes(res_dict, attr_info) except webob.exc.HTTPBadRequest as e: # convert webob exception into ValueError as these functions are # for internal use. webob exception doesn't make sense. raise ValueError(e.detail) attributes.fill_default_value(attr_info, res_dict, check_allow_post=check_allow_post) attributes.convert_value(attr_info, res_dict) return res_dict