Fix image owner can't be changed issue in v2
It is incompatible with v1 for owner change in v2. Image owner should be able to be changed, and only by admin user. This patch fixes the issue and add some test cases for that. Closes-Bug: #1420008 Change-Id: Ief9dc3329d7df07e1da32bb5ccc557096f73624f
This commit is contained in:
parent
667331b666
commit
46666826c9
|
@ -183,6 +183,9 @@ class ImagesController(object):
|
|||
value = change['value']
|
||||
if path_root == 'locations':
|
||||
self._do_replace_locations(image, value)
|
||||
elif path_root == 'owner' and req.context.is_admin == False:
|
||||
msg = _("Owner can't be updated by non admin.")
|
||||
raise webob.exc.HTTPForbidden(msg)
|
||||
else:
|
||||
if hasattr(image, path_root):
|
||||
setattr(image, path_root, value)
|
||||
|
@ -323,7 +326,7 @@ class RequestDeserializer(wsgi.JSONRequestDeserializer):
|
|||
_readonly_properties = ('created_at', 'updated_at', 'status', 'checksum',
|
||||
'size', 'virtual_size', 'direct_url', 'self',
|
||||
'file', 'schema', 'id')
|
||||
_reserved_properties = ('owner', 'location', 'deleted', 'deleted_at')
|
||||
_reserved_properties = ('location', 'deleted', 'deleted_at')
|
||||
_base_properties = ('checksum', 'created_at', 'container_format',
|
||||
'disk_format', 'id', 'min_disk', 'min_ram', 'name',
|
||||
'size', 'virtual_size', 'status', 'tags',
|
||||
|
|
|
@ -793,13 +793,23 @@ class TestImagesController(base.IsolatedUnitTest):
|
|||
def test_update_replace_base_attribute(self):
|
||||
self.db.image_update(None, UUID1, {'properties': {'foo': 'bar'}})
|
||||
request = unit_test_utils.get_fake_request()
|
||||
changes = [{'op': 'replace', 'path': ['name'], 'value': 'fedora'}]
|
||||
request.context.is_admin = True
|
||||
changes = [{'op': 'replace', 'path': ['name'], 'value': 'fedora'},
|
||||
{'op': 'replace', 'path': ['owner'], 'value': TENANT3}]
|
||||
output = self.controller.update(request, UUID1, changes)
|
||||
self.assertEqual(UUID1, output.image_id)
|
||||
self.assertEqual('fedora', output.name)
|
||||
self.assertEqual(TENANT3, output.owner)
|
||||
self.assertEqual({'foo': 'bar'}, output.extra_properties)
|
||||
self.assertNotEqual(output.created_at, output.updated_at)
|
||||
|
||||
def test_update_replace_onwer_non_admin(self):
|
||||
request = unit_test_utils.get_fake_request()
|
||||
request.context.is_admin = False
|
||||
changes = [{'op': 'replace', 'path': ['owner'], 'value': TENANT3}]
|
||||
self.assertRaises(webob.exc.HTTPForbidden,
|
||||
self.controller.update, request, UUID1, changes)
|
||||
|
||||
def test_update_replace_tags(self):
|
||||
request = unit_test_utils.get_fake_request()
|
||||
changes = [
|
||||
|
@ -2455,7 +2465,6 @@ class TestImagesDeserializer(test_utils.BaseTestCase):
|
|||
|
||||
def test_update_reserved_attributes(self):
|
||||
samples = {
|
||||
'owner': TENANT1,
|
||||
'deleted': False,
|
||||
'deleted_at': ISOTIME,
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue