Skip to content

Commit

Permalink
Do not overwrite project_id from request params
Browse files Browse the repository at this point in the history 
Prevent project_id overwriting from OSAPI request parameters.
The patch is actually very simple (nova/api/openstack/wsgi.py) but
needs significant test adjustments (nova/tests/*) to pass.

Fixes bug 904072. Patch from Vish Ishaya and Mark McLoughlin.

Change-Id: I66ea0f178ce6271ec1020e9f1a73bd4e8c83ddab
  • Loading branch information
@ttx
ttx committed Jan 11, 2012
1 parent bd035a5 commit c9c09bd
Show file tree
Hide file tree
Showing 22 changed files with 202 additions and 200 deletions.
6 changes: 4 additions & 2 deletions nova/api/openstack/wsgi.py
View file
Expand Up @@ -832,8 +832,10 @@ def __call__(self, request):
action_args.update(contents)

project_id = action_args.pop("project_id", None)
if 'nova.context' in request.environ and project_id:
request.environ['nova.context'].project_id = project_id
if ('nova.context' in request.environ and project_id
and project_id != request.environ['nova.context'].project_id):
msg = _("Malformed request url")
return Fault(webob.exc.HTTPBadRequest(explanation=msg))

response = None
try:
Expand Down
13 changes: 6 additions & 7 deletions nova/tests/api/openstack/v2/contrib/test_cloudpipe.py
View file
Expand Up @@ -113,8 +113,8 @@ def setUp(self):
self.flags(allow_admin_api=True)
self.app = fakes.wsgi_app()
inner_app = v2.APIRouter()
adm_ctxt = context.get_admin_context()
self.app = auth.InjectContext(adm_ctxt, inner_app)
self.context = context.RequestContext('fake', 'fake', is_admin=True)
self.app = auth.InjectContext(self.context, inner_app)
route = inner_app.map.match('/1234/os-cloudpipe')
self.controller = route['controller'].controller
fakes.stub_out_networking(self.stubs)
Expand All @@ -133,13 +133,12 @@ def setUp(self):
# causes failures in AuthManagerLdapTestCase. So use a fake object.
self.controller.auth_manager = FakeAuthManager()
self.stubs.Set(utils, 'vpn_ping', utils_vpn_ping)
self.context = context.get_admin_context()
global EMPTY_INSTANCE_LIST
EMPTY_INSTANCE_LIST = True

def test_cloudpipe_list_none_running(self):
"""Should still get an entry per-project, just less descriptive."""
req = webob.Request.blank('/123/os-cloudpipe')
req = webob.Request.blank('/fake/os-cloudpipe')
res = req.get_response(self.app)
self.assertEqual(res.status_int, 200)
res_dict = json.loads(res.body)
Expand All @@ -150,7 +149,7 @@ def test_cloudpipe_list_none_running(self):
def test_cloudpipe_list(self):
global EMPTY_INSTANCE_LIST
EMPTY_INSTANCE_LIST = False
req = webob.Request.blank('/123/os-cloudpipe')
req = webob.Request.blank('/fake/os-cloudpipe')
res = req.get_response(self.app)
self.assertEqual(res.status_int, 200)
res_dict = json.loads(res.body)
Expand All @@ -162,7 +161,7 @@ def test_cloudpipe_list(self):

def test_cloudpipe_create(self):
body = {'cloudpipe': {'project_id': 1}}
req = webob.Request.blank('/123/os-cloudpipe')
req = webob.Request.blank('/fake/os-cloudpipe')
req.method = 'POST'
req.body = json.dumps(body)
req.headers['Content-Type'] = 'application/json'
Expand All @@ -178,7 +177,7 @@ def test_cloudpipe_create_already_running(self):
self.stubs.SmartSet(self.controller.cloudpipe, 'launch_vpn_instance',
better_not_call_this)
body = {'cloudpipe': {'project_id': 1}}
req = webob.Request.blank('/123/os-cloudpipe')
req = webob.Request.blank('/fake/os-cloudpipe')
req.method = 'POST'
req.body = json.dumps(body)
req.headers['Content-Type'] = 'application/json'
Expand Down
8 changes: 4 additions & 4 deletions nova/tests/api/openstack/v2/contrib/test_console_output.py
View file
Expand Up @@ -54,7 +54,7 @@ def setUp(self):

def test_get_text_console_instance_action(self):
body = {'os-getConsoleOutput': {}}
req = webob.Request.blank('/v1.1/123/servers/1/action')
req = webob.Request.blank('/v2/fake/servers/1/action')
req.method = "POST"
req.body = json.dumps(body)
req.headers["content-type"] = "application/json"
Expand All @@ -66,7 +66,7 @@ def test_get_text_console_instance_action(self):

def test_get_console_output_with_tail(self):
body = {'os-getConsoleOutput': {'length': 3}}
req = webob.Request.blank('/v2/123/servers/1/action')
req = webob.Request.blank('/v2/fake/servers/1/action')
req.method = "POST"
req.body = json.dumps(body)
req.headers["content-type"] = "application/json"
Expand All @@ -78,7 +78,7 @@ def test_get_console_output_with_tail(self):
def test_get_text_console_no_instance(self):
self.stubs.Set(compute.API, 'get', fake_get_not_found)
body = {'os-getConsoleOutput': {}}
req = webob.Request.blank('/v1.1/123/servers/1/action')
req = webob.Request.blank('/v2/fake/servers/1/action')
req.method = "POST"
req.body = json.dumps(body)
req.headers["content-type"] = "application/json"
Expand All @@ -88,7 +88,7 @@ def test_get_text_console_no_instance(self):

def test_get_text_console_bad_body(self):
body = {}
req = webob.Request.blank('/v1.1/123/servers/1/action')
req = webob.Request.blank('/v2/fake/servers/1/action')
req.method = "POST"
req.body = json.dumps(body)
req.headers["content-type"] = "application/json"
Expand Down
8 changes: 4 additions & 4 deletions nova/tests/api/openstack/v2/contrib/test_createserverext.py
View file
Expand Up @@ -175,7 +175,7 @@ def _create_user_data_request_dict(self, user_data):
return {'server': server}

def _get_create_request_json(self, body_dict):
req = webob.Request.blank('/v2/123/os-create-server-ext')
req = webob.Request.blank('/v2/fake/os-create-server-ext')
req.headers['Content-Type'] = 'application/json'
req.method = 'POST'
req.body = json.dumps(body_dict)
Expand Down Expand Up @@ -220,7 +220,7 @@ def _format_xml_request_body(self, body_dict):
return ''.join(body_parts)

def _get_create_request_xml(self, body_dict):
req = webob.Request.blank('/v2/123/os-create-server-ext')
req = webob.Request.blank('/v2/fake/os-create-server-ext')
req.content_type = 'application/xml'
req.accept = 'application/xml'
req.method = 'POST'
Expand Down Expand Up @@ -406,7 +406,7 @@ def test_create_instance_with_security_group_json(self):
def test_get_server_by_id_verify_security_groups_json(self):
self.stubs.Set(nova.db, 'instance_get', return_server_by_id)
self._setup_mock_network_api()
req = webob.Request.blank('/v2/123/os-create-server-ext/1')
req = webob.Request.blank('/v2/fake/os-create-server-ext/1')
req.headers['Content-Type'] = 'application/json'
response = req.get_response(fakes.wsgi_app())
self.assertEquals(response.status_int, 200)
Expand All @@ -418,7 +418,7 @@ def test_get_server_by_id_verify_security_groups_json(self):
def test_get_server_by_id_verify_security_groups_xml(self):
self.stubs.Set(nova.db, 'instance_get', return_server_by_id)
self._setup_mock_network_api()
req = webob.Request.blank('/v2/123/os-create-server-ext/1')
req = webob.Request.blank('/v2/fake/os-create-server-ext/1')
req.headers['Accept'] = 'application/xml'
response = req.get_response(fakes.wsgi_app())
self.assertEquals(response.status_int, 200)
Expand Down
2 changes: 1 addition & 1 deletion nova/tests/api/openstack/v2/contrib/test_extendedstatus.py
View file
Expand Up @@ -39,7 +39,7 @@ class ExtendedStatusTest(test.TestCase):
def setUp(self):
super(ExtendedStatusTest, self).setUp()
self.uuid = '70f6db34-de8d-4fbd-aafb-4065bdfa6114'
self.url = '/v2/openstack/servers/%s' % self.uuid
self.url = '/v2/fake/servers/%s' % self.uuid
fakes.stub_out_nw_api(self.stubs)
self.flags(allow_admin_api=True)
self.stubs.Set(compute.api.API, 'routing_get', fake_compute_get)
Expand Down
22 changes: 11 additions & 11 deletions nova/tests/api/openstack/v2/contrib/test_flavors_extra_specs.py
View file
Expand Up @@ -61,7 +61,7 @@ def test_index(self):
self.stubs.Set(nova.db, 'instance_type_extra_specs_get',
return_flavor_extra_specs)

req = fakes.HTTPRequest.blank('/v2/123/flavors/1/os-extra_specs')
req = fakes.HTTPRequest.blank('/v2/fake/flavors/1/os-extra_specs')
res_dict = self.controller.index(req, 1)

self.assertEqual('value1', res_dict['extra_specs']['key1'])
Expand All @@ -70,7 +70,7 @@ def test_index_no_data(self):
self.stubs.Set(nova.db, 'instance_type_extra_specs_get',
return_empty_flavor_extra_specs)

req = fakes.HTTPRequest.blank('/v2/123/flavors/1/os-extra_specs')
req = fakes.HTTPRequest.blank('/v2/fake/flavors/1/os-extra_specs')
res_dict = self.controller.index(req, 1)

self.assertEqual(0, len(res_dict['extra_specs']))
Expand All @@ -79,7 +79,7 @@ def test_show(self):
self.stubs.Set(nova.db, 'instance_type_extra_specs_get',
return_flavor_extra_specs)

req = fakes.HTTPRequest.blank('/v2/123/flavors/1/os-extra_specs' +
req = fakes.HTTPRequest.blank('/v2/fake/flavors/1/os-extra_specs' +
'/key5')
res_dict = self.controller.show(req, 1, 'key5')

Expand All @@ -89,7 +89,7 @@ def test_show_spec_not_found(self):
self.stubs.Set(nova.db, 'instance_type_extra_specs_get',
return_empty_flavor_extra_specs)

req = fakes.HTTPRequest.blank('/v2/123/flavors/1/os-extra_specs' +
req = fakes.HTTPRequest.blank('/v2/fake/flavors/1/os-extra_specs' +
'/key6')
self.assertRaises(webob.exc.HTTPNotFound, self.controller.show,
req, 1, 'key6')
Expand All @@ -98,7 +98,7 @@ def test_delete(self):
self.stubs.Set(nova.db, 'instance_type_extra_specs_delete',
delete_flavor_extra_specs)

req = fakes.HTTPRequest.blank('/v2/123/flavors/1/os-extra_specs' +
req = fakes.HTTPRequest.blank('/v2/fake/flavors/1/os-extra_specs' +
'/key5')
self.controller.delete(req, 1, 'key5')

Expand All @@ -108,7 +108,7 @@ def test_create(self):
return_create_flavor_extra_specs)
body = {"extra_specs": {"key1": "value1"}}

req = fakes.HTTPRequest.blank('/v2/123/flavors/1/os-extra_specs')
req = fakes.HTTPRequest.blank('/v2/fake/flavors/1/os-extra_specs')
res_dict = self.controller.create(req, 1, body)

self.assertEqual('value1', res_dict['extra_specs']['key1'])
Expand All @@ -118,7 +118,7 @@ def test_create_empty_body(self):
'instance_type_extra_specs_update_or_create',
return_create_flavor_extra_specs)

req = fakes.HTTPRequest.blank('/v2/123/flavors/1/os-extra_specs')
req = fakes.HTTPRequest.blank('/v2/fake/flavors/1/os-extra_specs')
self.assertRaises(webob.exc.HTTPBadRequest, self.controller.create,
req, 1, '')

Expand All @@ -128,7 +128,7 @@ def test_update_item(self):
return_create_flavor_extra_specs)
body = {"key1": "value1"}

req = fakes.HTTPRequest.blank('/v2/123/flavors/1/os-extra_specs' +
req = fakes.HTTPRequest.blank('/v2/fake/flavors/1/os-extra_specs' +
'/key1')
res_dict = self.controller.update(req, 1, 'key1', body)

Expand All @@ -139,7 +139,7 @@ def test_update_item_empty_body(self):
'instance_type_extra_specs_update_or_create',
return_create_flavor_extra_specs)

req = fakes.HTTPRequest.blank('/v2/123/flavors/1/os-extra_specs' +
req = fakes.HTTPRequest.blank('/v2/fake/flavors/1/os-extra_specs' +
'/key1')
self.assertRaises(webob.exc.HTTPBadRequest, self.controller.update,
req, 1, 'key1', '')
Expand All @@ -150,7 +150,7 @@ def test_update_item_too_many_keys(self):
return_create_flavor_extra_specs)
body = {"key1": "value1", "key2": "value2"}

req = fakes.HTTPRequest.blank('/v2/123/flavors/1/os-extra_specs' +
req = fakes.HTTPRequest.blank('/v2/fake/flavors/1/os-extra_specs' +
'/key1')
self.assertRaises(webob.exc.HTTPBadRequest, self.controller.update,
req, 1, 'key1', body)
Expand All @@ -161,7 +161,7 @@ def test_update_item_body_uri_mismatch(self):
return_create_flavor_extra_specs)
body = {"key1": "value1"}

req = fakes.HTTPRequest.blank('/v2/123/flavors/1/os-extra_specs/bad')
req = fakes.HTTPRequest.blank('/v2/fake/flavors/1/os-extra_specs/bad')
self.assertRaises(webob.exc.HTTPBadRequest, self.controller.update,
req, 1, 'bad', body)

Expand Down
22 changes: 11 additions & 11 deletions nova/tests/api/openstack/v2/contrib/test_floating_ips.py
View file
Expand Up @@ -163,7 +163,7 @@ def test_translate_floating_ip_view_dict(self):
self.assertTrue('floating_ip' in view)

def test_floating_ips_list(self):
req = fakes.HTTPRequest.blank('/v2/123/os-floating-ips')
req = fakes.HTTPRequest.blank('/v2/fake/os-floating-ips')
res_dict = self.controller.index(req)

response = {'floating_ips': [{'instance_id': FAKE_UUID,
Expand All @@ -179,7 +179,7 @@ def test_floating_ips_list(self):
self.assertEqual(res_dict, response)

def test_floating_ip_show(self):
req = fakes.HTTPRequest.blank('/v2/123/os-floating-ips/1')
req = fakes.HTTPRequest.blank('/v2/fake/os-floating-ips/1')
res_dict = self.controller.show(req, 1)

self.assertEqual(res_dict['floating_ip']['id'], 1)
Expand All @@ -194,7 +194,7 @@ def get_floating_ip(self, context, id):
'instance': {'uuid': FAKE_UUID}}}
self.stubs.Set(network.api.API, "get_floating_ip", get_floating_ip)

req = fakes.HTTPRequest.blank('/v2/123/os-floating-ips/1')
req = fakes.HTTPRequest.blank('/v2/fake/os-floating-ips/1')
res_dict = self.controller.show(req, 1)

self.assertEqual(res_dict['floating_ip']['id'], 1)
Expand All @@ -208,7 +208,7 @@ def fake_call(*args, **kwargs):

self.stubs.Set(rpc, "call", fake_call)

req = fakes.HTTPRequest.blank('/v2/123/os-floating-ips')
req = fakes.HTTPRequest.blank('/v2/fake/os-floating-ips')
self.assertRaises(webob.exc.HTTPBadRequest, self.controller.create,
req)

Expand All @@ -224,7 +224,7 @@ def fake2(*args, **kwargs):
self.stubs.Set(network.api.API, "get_floating_ip_by_address",
fake2)

req = fakes.HTTPRequest.blank('/v2/123/os-floating-ips')
req = fakes.HTTPRequest.blank('/v2/fake/os-floating-ips')
res_dict = self.controller.create(req)

ip = res_dict['floating_ip']
Expand All @@ -238,45 +238,45 @@ def fake2(*args, **kwargs):
self.assertEqual(ip, expected)

def test_floating_ip_release(self):
req = fakes.HTTPRequest.blank('/v2/123/os-floating-ips/1')
req = fakes.HTTPRequest.blank('/v2/fake/os-floating-ips/1')
self.controller.delete(req, 1)

# test floating ip add/remove -> associate/disassociate

def test_floating_ip_associate(self):
body = dict(addFloatingIp=dict(address=self.floating_ip))

req = fakes.HTTPRequest.blank('/v2/123/servers/test_inst/action')
req = fakes.HTTPRequest.blank('/v2/fake/servers/test_inst/action')
self.manager._add_floating_ip(body, req, 'test_inst')

def test_floating_ip_disassociate(self):
body = dict(removeFloatingIp=dict(address='10.10.10.10'))

req = fakes.HTTPRequest.blank('/v2/123/servers/test_inst/action')
req = fakes.HTTPRequest.blank('/v2/fake/servers/test_inst/action')
self.manager._remove_floating_ip(body, req, 'test_inst')

# these are a few bad param tests

def test_bad_address_param_in_remove_floating_ip(self):
body = dict(removeFloatingIp=dict(badparam='11.0.0.1'))

req = fakes.HTTPRequest.blank('/v2/123/servers/test_inst/action')
req = fakes.HTTPRequest.blank('/v2/fake/servers/test_inst/action')
self.assertRaises(webob.exc.HTTPBadRequest,
self.manager._add_floating_ip, body, req,
'test_inst')

def test_missing_dict_param_in_remove_floating_ip(self):
body = dict(removeFloatingIp='11.0.0.1')

req = fakes.HTTPRequest.blank('/v2/123/servers/test_inst/action')
req = fakes.HTTPRequest.blank('/v2/fake/servers/test_inst/action')
self.assertRaises(webob.exc.HTTPBadRequest,
self.manager._remove_floating_ip, body, req,
'test_inst')

def test_missing_dict_param_in_add_floating_ip(self):
body = dict(addFloatingIp='11.0.0.1')

req = fakes.HTTPRequest.blank('/v2/123/servers/test_inst/action')
req = fakes.HTTPRequest.blank('/v2/fake/servers/test_inst/action')
self.assertRaises(webob.exc.HTTPBadRequest,
self.manager._add_floating_ip, body, req,
'test_inst')
Expand Down
8 changes: 4 additions & 4 deletions nova/tests/api/openstack/v2/contrib/test_keypairs.py
View file
Expand Up @@ -61,7 +61,7 @@ def setUp(self):
self.context = context.get_admin_context()

def test_keypair_list(self):
req = webob.Request.blank('/v2/123/os-keypairs')
req = webob.Request.blank('/v2/fake/os-keypairs')
res = req.get_response(fakes.wsgi_app())
self.assertEqual(res.status_int, 200)
res_dict = json.loads(res.body)
Expand All @@ -70,7 +70,7 @@ def test_keypair_list(self):

def test_keypair_create(self):
body = {'keypair': {'name': 'create_test'}}
req = webob.Request.blank('/v2/123/os-keypairs')
req = webob.Request.blank('/v2/fake/os-keypairs')
req.method = 'POST'
req.body = json.dumps(body)
req.headers['Content-Type'] = 'application/json'
Expand All @@ -96,7 +96,7 @@ def test_keypair_import(self):
},
}

req = webob.Request.blank('/v2/123/os-keypairs')
req = webob.Request.blank('/v2/fake/os-keypairs')
req.method = 'POST'
req.body = json.dumps(body)
req.headers['Content-Type'] = 'application/json'
Expand All @@ -108,7 +108,7 @@ def test_keypair_import(self):
self.assertFalse('private_key' in res_dict['keypair'])

def test_keypair_delete(self):
req = webob.Request.blank('/v2/123/os-keypairs/FAKE')
req = webob.Request.blank('/v2/fake/os-keypairs/FAKE')
req.method = 'DELETE'
req.headers['Content-Type'] = 'application/json'
res = req.get_response(fakes.wsgi_app())
Expand Down

0 comments on commit c9c09bd

Please sign in to comment.