Add validation to barbican order
Algorithm and bit_length properties are required by barbican for non-certificate types of order. Change-Id: I61117ed9e00ebbd42374df6eb5b533b13c98360d Closes-Bug: #1535791
This commit is contained in:
parent
bf20657824
commit
7601c6cb42
|
@ -55,6 +55,12 @@ class Order(resource.Resource):
|
|||
'certificate', 'intermediates', 'container_ref'
|
||||
)
|
||||
|
||||
ORDER_TYPES = (
|
||||
KEY, ASYMMETRIC, CERTIFICATE
|
||||
) = (
|
||||
'key', 'asymmetric', 'certificate'
|
||||
)
|
||||
|
||||
properties_schema = {
|
||||
NAME: properties.Schema(
|
||||
properties.Schema.STRING,
|
||||
|
@ -73,11 +79,13 @@ class Order(resource.Resource):
|
|||
),
|
||||
ALGORITHM: properties.Schema(
|
||||
properties.Schema.STRING,
|
||||
_('The algorithm type used to generate the secret.'),
|
||||
_('The algorithm type used to generate the secret. '
|
||||
'Required for key and asymmetric types of order.'),
|
||||
),
|
||||
BIT_LENGTH: properties.Schema(
|
||||
properties.Schema.INTEGER,
|
||||
_('The bit-length of the secret.'),
|
||||
_('The bit-length of the secret. Required for key and '
|
||||
'asymmetric types of order.'),
|
||||
),
|
||||
MODE: properties.Schema(
|
||||
properties.Schema.STRING,
|
||||
|
@ -88,9 +96,7 @@ class Order(resource.Resource):
|
|||
properties.Schema.STRING,
|
||||
_('The type of the order.'),
|
||||
constraints=[
|
||||
constraints.AllowedValues([
|
||||
'key', 'asymmetric', 'certificate'
|
||||
]),
|
||||
constraints.AllowedValues(ORDER_TYPES),
|
||||
],
|
||||
required=True,
|
||||
support_status=support.SupportStatus(version='5.0.0'),
|
||||
|
@ -182,6 +188,17 @@ class Order(resource.Resource):
|
|||
# need not to be fixed re LP bug #1393268
|
||||
return order_ref
|
||||
|
||||
def validate(self):
|
||||
if self.properties[self.TYPE] != self.CERTIFICATE:
|
||||
if (self.properties[self.ALGORITHM] is None
|
||||
or self.properties[self.BIT_LENGTH] is None):
|
||||
msg = _("Properties %(algorithm)s and %(bit_length)s are "
|
||||
"required for %(type)s type of order.") % {
|
||||
'algorithm': self.ALGORITHM,
|
||||
'bit_length': self.BIT_LENGTH,
|
||||
'type': self.properties[self.TYPE]}
|
||||
raise exception.StackValidationFailed(message=msg)
|
||||
|
||||
def check_create_complete(self, order_href):
|
||||
order = self.client().orders.get(order_href)
|
||||
|
||||
|
|
|
@ -95,6 +95,17 @@ class TestOrder(common.HeatTestCase):
|
|||
'foo',
|
||||
snippet, self.stack)
|
||||
|
||||
def test_validate_non_certificate_order(self):
|
||||
snippet = copy.deepcopy(self.res_template)
|
||||
del snippet['Properties']['bit_length']
|
||||
del snippet['Properties']['algorithm']
|
||||
res = self._create_resource('test', snippet, self.stack)
|
||||
msg = ("Properties algorithm and bit_length are required for "
|
||||
"key type of order.")
|
||||
self.assertRaisesRegexp(exception.StackValidationFailed,
|
||||
msg,
|
||||
res.validate)
|
||||
|
||||
def test_attributes(self):
|
||||
mock_order = mock.Mock()
|
||||
mock_order.status = 'test-status'
|
||||
|
|
Loading…
Reference in New Issue