Merge "[Pecan] Fix custom tenant_id project_id matching" into stable/newton
This commit is contained in:
commit
13826b34e9
|
@ -210,6 +210,13 @@ class PolicyHook(hooks.PecanHook):
|
|||
"""
|
||||
attributes_to_exclude = []
|
||||
for attr_name in data.keys():
|
||||
# TODO(amotoki): All attribute maps have tenant_id and
|
||||
# it determines excluded attributes based on tenant_id.
|
||||
# We need to migrate tenant_id to project_id later
|
||||
# as attr_info is referred to in various places and we need
|
||||
# to check all logs carefully.
|
||||
if attr_name == 'project_id':
|
||||
continue
|
||||
attr_data = controller.resource_info.get(attr_name)
|
||||
if attr_data and attr_data['is_visible']:
|
||||
if policy.check(
|
||||
|
@ -225,4 +232,9 @@ class PolicyHook(hooks.PecanHook):
|
|||
# if the code reaches this point then either the policy check
|
||||
# failed or the attribute was not visible in the first place
|
||||
attributes_to_exclude.append(attr_name)
|
||||
# TODO(amotoki): As mentioned in the above TODO,
|
||||
# we treat project_id and tenant_id equivalently.
|
||||
# This should be migrated to project_id later.
|
||||
if attr_name == 'tenant_id':
|
||||
attributes_to_exclude.append('project_id')
|
||||
return attributes_to_exclude
|
||||
|
|
|
@ -850,3 +850,24 @@ class TestMemberActionController(test_functional.PecanFunctionalTest):
|
|||
url = '/v2.0/{}/something/put_meh.json'.format(self.collection)
|
||||
resp = self.app.get(url, expect_errors=True)
|
||||
self.assertEqual(405, resp.status_int)
|
||||
|
||||
|
||||
class TestExcludeAttributePolicy(test_functional.PecanFunctionalTest):
|
||||
|
||||
def setUp(self):
|
||||
super(TestExcludeAttributePolicy, self).setUp()
|
||||
policy.init()
|
||||
self.addCleanup(policy.reset)
|
||||
plugin = manager.NeutronManager.get_plugin()
|
||||
ctx = context.get_admin_context()
|
||||
self.network_id = pecan_utils.create_network(ctx, plugin)['id']
|
||||
mock.patch('neutron.pecan_wsgi.controllers.resource.'
|
||||
'CollectionsController.get').start()
|
||||
|
||||
def test_get_networks(self):
|
||||
response = self.app.get('/v2.0/networks/%s.json' % self.network_id,
|
||||
headers={'X-Project-Id': 'tenid'})
|
||||
json_body = jsonutils.loads(response.body)
|
||||
self.assertEqual(response.status_int, 200)
|
||||
self.assertEqual('tenid', json_body['network']['project_id'])
|
||||
self.assertEqual('tenid', json_body['network']['tenant_id'])
|
||||
|
|
Loading…
Reference in New Issue