diff options
| author | xingzhou <xingzhou@cn.ibm.com> | 2013-07-31 11:25:53 +0800 |
|---|---|---|
| committer | xingzhou <xingzhou@cn.ibm.com> | 2013-08-01 13:21:12 +0800 |
| commit | 05c8c487b549041be44275af6c90998d9fbf565e (patch) | |
| tree | 5fb7d73465ea842383e5086069b8e04f373edeff | |
| parent | f1ac78c8992432e5f6d5c29f24f202870cb14a97 (diff) | |
| download | keystone-05c8c487b549041be44275af6c90998d9fbf565e.tar.gz keystone-05c8c487b549041be44275af6c90998d9fbf565e.tar.xz keystone-05c8c487b549041be44275af6c90998d9fbf565e.zip | |
V3 API need to check mandatory field when creating resources
When creating items like project, role through V3 API, if name field
is missing, the server will return 500 internal error or 409 conflict
error, shall return 400 bad request error instead
Change-Id: I9deddcd4cf801306c16555b59bba7fdfab6556a7
Fixes: Bug 1136342
| -rw-r--r-- | keystone/identity/controllers.py | 10 | ||||
| -rw-r--r-- | tests/test_v3_identity.py | 20 |
2 files changed, 30 insertions, 0 deletions
diff --git a/keystone/identity/controllers.py b/keystone/identity/controllers.py index 12fb8145..7ca1f8bf 100644 --- a/keystone/identity/controllers.py +++ b/keystone/identity/controllers.py @@ -403,6 +403,8 @@ class DomainV3(controller.V3Controller): @controller.protected def create_domain(self, context, domain): + self._require_attribute(domain, 'name') + ref = self._assign_unique_id(self._normalize_dict(domain)) ref = self.identity_api.create_domain(ref['id'], ref) return DomainV3.wrap_member(context, ref) @@ -544,6 +546,8 @@ class ProjectV3(controller.V3Controller): @controller.protected def create_project(self, context, project): + self._require_attribute(project, 'name') + ref = self._assign_unique_id(self._normalize_dict(project)) ref = self._normalize_domain_id(context, ref) ref = self.identity_api.create_project(ref['id'], ref) @@ -592,6 +596,8 @@ class UserV3(controller.V3Controller): @controller.protected def create_user(self, context, user): + self._require_attribute(user, 'name') + ref = self._assign_unique_id(self._normalize_dict(user)) ref = self._normalize_domain_id(context, ref) ref = self.identity_api.create_user(ref['id'], ref) @@ -663,6 +669,8 @@ class GroupV3(controller.V3Controller): @controller.protected def create_group(self, context, group): + self._require_attribute(group, 'name') + ref = self._assign_unique_id(self._normalize_dict(group)) ref = self._normalize_domain_id(context, ref) ref = self.identity_api.create_group(ref['id'], ref) @@ -713,6 +721,8 @@ class RoleV3(controller.V3Controller): @controller.protected def create_role(self, context, role): + self._require_attribute(role, 'name') + ref = self._assign_unique_id(self._normalize_dict(role)) ref = self.identity_api.create_role(ref['id'], ref) return RoleV3.wrap_member(context, ref) diff --git a/tests/test_v3_identity.py b/tests/test_v3_identity.py index 5eaf9085..891f0c6a 100644 --- a/tests/test_v3_identity.py +++ b/tests/test_v3_identity.py @@ -105,6 +105,10 @@ class IdentityTestCase(test_v3.RestfulTestCase): body={'domain': ref}) return self.assertValidDomainResponse(r, ref) + def test_create_domain_400(self): + """Call ``POST /domains``.""" + self.post('/domains', body={'domain': {}}, expected_status=400) + def test_list_domains(self): """Call ``GET /domains``.""" r = self.get('/domains') @@ -313,6 +317,10 @@ class IdentityTestCase(test_v3.RestfulTestCase): body={'project': ref}) self.assertValidProjectResponse(r, ref) + def test_create_project_400(self): + """Call ``POST /projects``.""" + self.post('/projects', body={'project': {}}, expected_status=400) + def test_get_project(self): """Call ``GET /projects/{project_id}``.""" r = self.get( @@ -376,6 +384,10 @@ class IdentityTestCase(test_v3.RestfulTestCase): body={'user': ref}) return self.assertValidUserResponse(r, ref) + def test_create_user_400(self): + """Call ``POST /users``.""" + self.post('/users', body={'user': {}}, expected_status=400) + def test_list_users(self): """Call ``GET /users``.""" r = self.get('/users') @@ -529,6 +541,10 @@ class IdentityTestCase(test_v3.RestfulTestCase): body={'group': ref}) return self.assertValidGroupResponse(r, ref) + def test_create_group_400(self): + """Call ``POST /groups``.""" + self.post('/groups', body={'group': {}}, expected_status=400) + def test_list_groups(self): """Call ``GET /groups``.""" r = self.get('/groups') @@ -569,6 +585,10 @@ class IdentityTestCase(test_v3.RestfulTestCase): body={'role': ref}) return self.assertValidRoleResponse(r, ref) + def test_create_role_400(self): + """Call ``POST /roles``.""" + self.post('/roles', body={'role': {}}, expected_status=400) + def test_list_roles(self): """Call ``GET /roles``.""" r = self.get('/roles') |