diff options
| author | Mohammed Naser <mnaser@vexxhost.com> | 2012-05-15 17:43:50 -0400 |
|---|---|---|
| committer | Mohammed Naser <mnaser@vexxhost.com> | 2012-05-15 17:47:39 -0400 |
| commit | 19b6076869f6e177febc559b191f4ef9c352e55b (patch) | |
| tree | cb6af042d9f543c3000f01926db52a102d495ba3 | |
| parent | 3c9c38a8e08dd0300a04edb843a0b3e49486e86f (diff) | |
Add validations of 'name' field for roles, users and tenants.
Fixes LP Bug #997725
Change-Id: I2759d21bed3c0e42642de96184844e1b9e795bb6
| -rw-r--r-- | keystone/identity/core.py | 15 | ||||
| -rw-r--r-- | tests/test_keystoneclient.py | 23 |
2 files changed, 38 insertions, 0 deletions
diff --git a/keystone/identity/core.py b/keystone/identity/core.py index 5efd142e..f9b1a3a4 100644 --- a/keystone/identity/core.py +++ b/keystone/identity/core.py @@ -295,6 +295,11 @@ class TenantController(wsgi.Application): # CRUD Extension def create_tenant(self, context, tenant): tenant_ref = self._normalize_dict(tenant) + + if not 'name' in tenant_ref or not tenant_ref['name']: + msg = 'Name field is required and cannot be empty' + raise exception.ValidationError(message=msg) + self.assert_admin(context) tenant_id = (tenant_ref.get('id') and tenant_ref.get('id') @@ -388,6 +393,11 @@ class UserController(wsgi.Application): def create_user(self, context, user): user = self._normalize_dict(user) self.assert_admin(context) + + if not 'name' in user or not user['name']: + msg = 'Name field is required and cannot be empty' + raise exception.ValidationError(message=msg) + tenant_id = user.get('tenantId', None) if (tenant_id is not None and self.identity_api.get_tenant(context, tenant_id) is None): @@ -482,6 +492,11 @@ class RoleController(wsgi.Application): def create_role(self, context, role): role = self._normalize_dict(role) self.assert_admin(context) + + if not 'name' in role or not role['name']: + msg = 'Name field is required and cannot be empty' + raise exception.ValidationError(message=msg) + role_id = uuid.uuid4().hex role['id'] = role_id role_ref = self.identity_api.create_role(context, role_id, role) diff --git a/tests/test_keystoneclient.py b/tests/test_keystoneclient.py index a02af87c..28792662 100644 --- a/tests/test_keystoneclient.py +++ b/tests/test_keystoneclient.py @@ -235,6 +235,13 @@ class KeystoneClientTests(object): self.assertFalse([t for t in client.tenants.list() if t.id == tenant.id]) + def test_tenant_create_no_name(self): + from keystoneclient import exceptions as client_exceptions + client = self.get_client(admin=True) + self.assertRaises(client_exceptions.BadRequest, + client.tenants.create, + tenant_name="") + def test_tenant_delete_404(self): from keystoneclient import exceptions as client_exceptions client = self.get_client(admin=True) @@ -359,6 +366,15 @@ class KeystoneClientTests(object): tenant_id='bar') self.assertEquals(user2.name, test_username) + def test_user_create_no_name(self): + from keystoneclient import exceptions as client_exceptions + client = self.get_client(admin=True) + self.assertRaises(client_exceptions.BadRequest, + client.users.create, + name="", + password=uuid.uuid4().hex, + email=uuid.uuid4().hex) + def test_user_create_404(self): from keystoneclient import exceptions as client_exceptions client = self.get_client(admin=True) @@ -451,6 +467,13 @@ class KeystoneClientTests(object): client.roles.get, role=role.id) + def test_role_create_no_name(self): + from keystoneclient import exceptions as client_exceptions + client = self.get_client(admin=True) + self.assertRaises(client_exceptions.BadRequest, + client.roles.create, + name="") + def test_role_get_404(self): from keystoneclient import exceptions as client_exceptions client = self.get_client(admin=True) |