Merge "Fix sharing a zone with the zone owner"

2023-04-04 04:57:15 +00:00 · 2023-04-04 04:57:15 +00:00 · 6591b53e50
parent 0f6a837a23 edcd2e0998
commit 6591b53e50
3 changed files with 19 additions and 0 deletions
--- a/designate/central/service.py
+++ b/designate/central/service.py
@ -1209,6 +1209,10 @@ class Service(service.RPCService):

        policy.check('share_zone', context, target)

+        if zone.tenant_id == shared_zone.target_project_id:
+            raise exceptions.BadRequest(
+                'Cannot share the zone with the zone owner.')
+
        shared_zone['project_id'] = context.project_id
        shared_zone['zone_id'] = zone_id

--- a/designate/tests/test_central/test_service.py
+++ b/designate/tests/test_central/test_service.py
@ -3817,6 +3817,17 @@ class CentralServiceTest(CentralTestCase):
        self.assertEqual(context.project_id, shared_zone.project_id)
        self.assertEqual(zone.id, shared_zone.zone_id)

+    def test_share_zone_with_zone_owner(self):
+        # Create a Shared Zone
+        context = self.get_context(project_id='1')
+        zone = self.create_zone(context=context)
+        exc = self.assertRaises(
+            rpc_dispatcher.ExpectedException, self.share_zone,
+            context=context, zone_id=zone.id,
+            target_project_id=zone.tenant_id)
+
+        self.assertEqual(exceptions.BadRequest, exc.exc_info[0])
+
    def test_unshare_zone(self):
        context = self.get_context(project_id='1', roles=['member', 'reader'])
        zone = self.create_zone(context=context)
--- a/releasenotes/notes/Fix-share-zone-with-zone-owner-31a20c57a65c0cc4.yaml
+++ b/releasenotes/notes/Fix-share-zone-with-zone-owner-31a20c57a65c0cc4.yaml
@ -0,0 +1,4 @@
+---
+fixes:
+  - |
+    Fixed a bug that allowed users to create a zone share for the zone owner.