Add tests for attempting to share a service instance from private broker#1036
Merged
anniesing merged 21 commits intoDec 21, 2017
Conversation
|
Hey jenspinney! Thanks for submitting this pull request! I'm here to inform the recipients of the pull request that you and the commit authors have already signed the CLA. |
|
We have created an issue in Pivotal Tracker to manage this: https://www.pivotaltracker.com/story/show/153666791 The labels on this github issue will be updated when the story is started. |
[#152922808] Signed-off-by: Jen Spinney <jennifer.spinney@suse.com>
[#152922808] Signed-off-by: Sam Gunaratne <sgunaratne@pivotal.io>
[#152922808] Signed-off-by: Denise Yu <dyu@pivotal.io>
[#152922808] Signed-off-by: Denise Yu <dyu@pivotal.io>
* Add additional tests for user provided services and service instance sharing Signed-off-by: Sam Gunaratne <sgunaratne@pivotal.io>
422 Unprocessable is a more appropriate error message as the syntax of the request is correct, however the semantics of the request are wrong. [#153176525] Signed-off-by: Jen Spinney <jennifer.spinney@suse.com>
* This allows developers who does not have cross space access to discover the space_guid when using service instance sharing. [#153244755] Signed-off-by: Sam Gunaratne <sgunaratne@pivotal.io>
* This could introduce a name clash in spaces receiving a shared instance [#152109574]
[#153244755] Signed-off-by: Alex Blease <ablease@pivotal.io>
* If the service_instance_sharing feature flag has been disabled after service instances have been shared, users should still be allowed to unshare existing shares. These existing shares will continue to work with existing app bindings, but new bindings cannot be created as long as the feature flag is disabled. [#150970623] Signed-off-by: Denise Yu <dyu@pivotal.io>
…ead access * Previous to this change, service bindings would be displayed if the requesting user had read access to the service instance of the service binding. This included read access to spaces to which the service instance had been shared. Now we are restricting this such that only users who can view the app can view the binding. [#153456495] Signed-off-by: Jen Spinney <jennifer.spinney@suse.com>
* Previously, we restricted binding apps to shared service instances such that it was only allowed when the `service_instance_sharing` feature flag was enabled. * For better UX in the situation where the feature flag was enabled, a service instance was shared, and then the feature flag was disabled, we now allow users to bind apps to shared spaces, even when the flag is disabled. [#153438338] Signed-off-by: Jen Spinney <jennifer.spinney@suse.com>
… plan [#150801609] Signed-off-by: Denise Yu <dyu@pivotal.io>
* cloudfoundry#1006 * cloudfoundry#1007 * cloudfoundry#1024 Signed-off-by: Denise Yu <dyu@pivotal.io>
[#153566266] Signed-off-by: Denise Yu <dyu@pivotal.io>
[#153566266] Signed-off-by: Jen Spinney <jennifer.spinney@suse.com>
[#152309117] Signed-off-by: Alex Blease <ablease@pivotal.io>
* If a user has read access to a service instance because it was shared with them, but they don't have read access to the originating space of the service instance, they should not be able to view the guids of all other spaces to which the service instance has been shared. * Added docs page for `GET /v3/service_instances/:guid/relationships/shared_spaces` * Renamed controller method from #show to #relationships_shared_spaces [#152309117] Signed-off-by: Alex Blease <ablease@pivotal.io>
* This is not possible as the target space fails service access validation. This commit adds additional tests to verify this behaviour. Signed-off-by: Denise Yu <dyu@pivotal.io>
9e0b35a to
4093d9c
Compare
Merged
4 tasks
|
Test changes look good. Merging now. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR adds missing tests for verifying that a service instance which was created from a private (i.e., space-scoped) broker cannot be shared with another space.
NOTE: This PR builds on top of #1035, which should be merged first. The actual changes on top of #1035 can be viewed in this diff.
PR
masterbranchbundle exec rakeThanks,
SAPI team (@jenspinney and @ablease)