Validate rule uuids provided for update_policy
Add corresponding validation method to fwaas extension Change-Id: I643c10a996813d251684d3b5de04c8826729129f Closes-Bug: #1281083
This commit is contained in:
Eugene Nikanorov
parent
6f8a914ccf
commit
295a821635
@ -243,6 +243,7 @@ RESOURCE_ATTRIBUTE_MAP = {
|
|||||||
'is_visible': True, 'required_by_policy': True,
|
'is_visible': True, 'required_by_policy': True,
|
||||||
'enforce_policy': True},
|
'enforce_policy': True},
|
||||||
'firewall_rules': {'allow_post': True, 'allow_put': True,
|
'firewall_rules': {'allow_post': True, 'allow_put': True,
|
||||||
|
'validate': {'type:uuid_list': None},
|
||||||
'convert_to': attr.convert_none_to_empty_list,
|
'convert_to': attr.convert_none_to_empty_list,
|
||||||
'default': None, 'is_visible': True},
|
'default': None, 'is_visible': True},
|
||||||
'audited': {'allow_post': True, 'allow_put': True,
|
'audited': {'allow_post': True, 'allow_put': True,
|
||||||
|
|||||||
@ -29,6 +29,7 @@ from neutron.db.firewall import firewall_db as fdb
|
|||||||
import neutron.extensions
|
import neutron.extensions
|
||||||
from neutron.extensions import firewall
|
from neutron.extensions import firewall
|
||||||
from neutron.openstack.common import importutils
|
from neutron.openstack.common import importutils
|
||||||
|
from neutron.openstack.common import uuidutils
|
||||||
from neutron.plugins.common import constants
|
from neutron.plugins.common import constants
|
||||||
from neutron.tests.unit import test_db_plugin
|
from neutron.tests.unit import test_db_plugin
|
||||||
|
|
||||||
@ -477,7 +478,8 @@ class TestFirewallDBPlugin(FirewallPluginDbTestCase):
|
|||||||
self.firewall_rule(name='fwr2',
|
self.firewall_rule(name='fwr2',
|
||||||
no_delete=True)) as fr:
|
no_delete=True)) as fr:
|
||||||
fw_rule_ids = [r['firewall_rule']['id'] for r in fr]
|
fw_rule_ids = [r['firewall_rule']['id'] for r in fr]
|
||||||
fw_rule_ids.append('12345') # non-existent rule
|
# appending non-existent rule
|
||||||
|
fw_rule_ids.append(uuidutils.generate_uuid())
|
||||||
data = {'firewall_policy':
|
data = {'firewall_policy':
|
||||||
{'firewall_rules': fw_rule_ids}}
|
{'firewall_rules': fw_rule_ids}}
|
||||||
req = self.new_update_request('firewall_policies', data,
|
req = self.new_update_request('firewall_policies', data,
|
||||||
|
|||||||
@ -378,6 +378,17 @@ class FirewallExtensionTestCase(testlib_api.WebTestCase):
|
|||||||
self.assertIn('firewall_policy', res)
|
self.assertIn('firewall_policy', res)
|
||||||
self.assertEqual(res['firewall_policy'], return_value)
|
self.assertEqual(res['firewall_policy'], return_value)
|
||||||
|
|
||||||
|
def test_firewall_policy_update_malformed_rules(self):
|
||||||
|
# emulating client request when no rule uuids are provided for
|
||||||
|
# --firewall_rules parameter
|
||||||
|
update_data = {'firewall_policy': {'firewall_rules': True}}
|
||||||
|
# have to check for generic AppError
|
||||||
|
self.assertRaises(
|
||||||
|
webtest.AppError,
|
||||||
|
self.api.put,
|
||||||
|
_get_path('fw/firewall_policies', id=_uuid(), fmt=self.fmt),
|
||||||
|
self.serialize(update_data))
|
||||||
|
|
||||||
def test_firewall_policy_delete(self):
|
def test_firewall_policy_delete(self):
|
||||||
self._test_entity_delete('firewall_policy')
|
self._test_entity_delete('firewall_policy')
|
||||||
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user