Checking if Trust exists should be DRY
Instead of duplicating the check for Trust existence in the controller, move the check to the driver. Change-Id: Id576ebe9922a70047b8276f372854e086295b6c4 Closes-Bug: #1443721
This commit is contained in:
lin-hua-cheng
parent
649a18b96c
commit
deca783d99
|
|
@ -217,8 +217,6 @@ class AuthInfo(object):
|
|||
raise exception.ValidationError(attribute='trust_id',
|
||||
target='trust')
|
||||
trust = self.trust_api.get_trust(trust_id)
|
||||
if not trust:
|
||||
raise exception.TrustNotFound(trust_id=trust_id)
|
||||
return trust
|
||||
|
||||
def _validate_and_normalize_scope_data(self):
|
||||
|
|
|
|||
|
|
@ -4291,7 +4291,9 @@ class TrustTests(object):
|
|||
trust_data = self.trust_api.get_trust(trust_id)
|
||||
self.assertEqual(new_id, trust_data['id'])
|
||||
self.trust_api.delete_trust(trust_id)
|
||||
self.assertIsNone(self.trust_api.get_trust(trust_id))
|
||||
self.assertRaises(exception.TrustNotFound,
|
||||
self.trust_api.get_trust,
|
||||
trust_id)
|
||||
|
||||
def test_delete_trust_not_found(self):
|
||||
trust_id = uuid.uuid4().hex
|
||||
|
|
@ -4314,7 +4316,9 @@ class TrustTests(object):
|
|||
self.assertIsNotNone(trust_data)
|
||||
self.assertIsNone(trust_data['deleted_at'])
|
||||
self.trust_api.delete_trust(new_id)
|
||||
self.assertIsNone(self.trust_api.get_trust(new_id))
|
||||
self.assertRaises(exception.TrustNotFound,
|
||||
self.trust_api.get_trust,
|
||||
new_id)
|
||||
deleted_trust = self.trust_api.get_trust(trust_data['id'],
|
||||
deleted=True)
|
||||
self.assertEqual(trust_data['id'], deleted_trust['id'])
|
||||
|
|
@ -4389,7 +4393,9 @@ class TrustTests(object):
|
|||
self.assertEqual(1, t['remaining_uses'])
|
||||
self.trust_api.consume_use(trust_data['id'])
|
||||
# This was the last use, the trust isn't available anymore
|
||||
self.assertIsNone(self.trust_api.get_trust(trust_data['id']))
|
||||
self.assertRaises(exception.TrustNotFound,
|
||||
self.trust_api.get_trust,
|
||||
trust_data['id'])
|
||||
|
||||
|
||||
class CatalogTests(object):
|
||||
|
|
|
|||
|
|
@ -194,8 +194,9 @@ class Auth(controller.V2Controller):
|
|||
if not CONF.trust.enabled and 'trust_id' in auth:
|
||||
raise exception.Forbidden('Trusts are disabled.')
|
||||
elif CONF.trust.enabled and 'trust_id' in auth:
|
||||
trust_ref = self.trust_api.get_trust(auth['trust_id'])
|
||||
if trust_ref is None:
|
||||
try:
|
||||
trust_ref = self.trust_api.get_trust(auth['trust_id'])
|
||||
except exception.TrustNotFound:
|
||||
raise exception.Forbidden()
|
||||
if user_id != trust_ref['trustee_user_id']:
|
||||
raise exception.Forbidden()
|
||||
|
|
|
|||
|
|
@ -242,9 +242,11 @@ class Provider(common.BaseProvider):
|
|||
self.token_formatter.validate_token(token))
|
||||
|
||||
token_dict = None
|
||||
trust_ref = None
|
||||
if federated_info:
|
||||
token_dict = self._rebuild_federated_info(federated_info, user_id)
|
||||
trust_ref = self.trust_api.get_trust(trust_id)
|
||||
if trust_id:
|
||||
trust_ref = self.trust_api.get_trust(trust_id)
|
||||
|
||||
return self.v3_token_data_helper.get_token_data(
|
||||
user_id,
|
||||
|
|
|
|||
|
|
@ -135,15 +135,15 @@ class Trust(trust.Driver):
|
|||
query = query.filter_by(deleted_at=None)
|
||||
ref = query.first()
|
||||
if ref is None:
|
||||
return None
|
||||
raise exception.TrustNotFound(trust_id=trust_id)
|
||||
if ref.expires_at is not None and not deleted:
|
||||
now = timeutils.utcnow()
|
||||
if now > ref.expires_at:
|
||||
return None
|
||||
raise exception.TrustNotFound(trust_id=trust_id)
|
||||
# Do not return trusts that can't be used anymore
|
||||
if ref.remaining_uses is not None and not deleted:
|
||||
if ref.remaining_uses <= 0:
|
||||
return None
|
||||
raise exception.TrustNotFound(trust_id=trust_id)
|
||||
trust_dict = ref.to_dict()
|
||||
|
||||
self._add_roles(trust_id, session, trust_dict)
|
||||
|
|
|
|||
|
|
@ -74,8 +74,6 @@ class TrustV3(controller.V3Controller):
|
|||
def get_trust(self, context, trust_id):
|
||||
user_id = self._get_user_id(context)
|
||||
trust = self.trust_api.get_trust(trust_id)
|
||||
if not trust:
|
||||
raise exception.TrustNotFound(trust_id=trust_id)
|
||||
_trustor_trustee_only(trust, user_id)
|
||||
self._fill_in_roles(context, trust,
|
||||
self.role_api.list_roles())
|
||||
|
|
@ -213,8 +211,6 @@ class TrustV3(controller.V3Controller):
|
|||
def _check_role_for_trust(self, context, trust_id, role_id):
|
||||
"""Checks if a role has been assigned to a trust."""
|
||||
trust = self.trust_api.get_trust(trust_id)
|
||||
if not trust:
|
||||
raise exception.TrustNotFound(trust_id=trust_id)
|
||||
user_id = self._get_user_id(context)
|
||||
_trustor_trustee_only(trust, user_id)
|
||||
if not any(role['id'] == role_id for role in trust['roles']):
|
||||
|
|
@ -255,9 +251,6 @@ class TrustV3(controller.V3Controller):
|
|||
@controller.protected()
|
||||
def delete_trust(self, context, trust_id):
|
||||
trust = self.trust_api.get_trust(trust_id)
|
||||
if not trust:
|
||||
raise exception.TrustNotFound(trust_id=trust_id)
|
||||
|
||||
user_id = self._get_user_id(context)
|
||||
_admin_trustor_only(context, trust, user_id)
|
||||
initiator = notifications._get_request_audit_info(context)
|
||||
|
|
@ -266,8 +259,6 @@ class TrustV3(controller.V3Controller):
|
|||
@controller.protected()
|
||||
def list_roles_for_trust(self, context, trust_id):
|
||||
trust = self.get_trust(context, trust_id)['trust']
|
||||
if not trust:
|
||||
raise exception.TrustNotFound(trust_id=trust_id)
|
||||
user_id = self._get_user_id(context)
|
||||
_trustor_trustee_only(trust, user_id)
|
||||
return {'roles': trust['roles'],
|
||||
|
|
|
|||
|
|
@ -179,9 +179,6 @@ class Manager(manager.Manager):
|
|||
Recursively remove given and redelegated trusts
|
||||
"""
|
||||
trust = self.driver.get_trust(trust_id)
|
||||
if not trust:
|
||||
raise exception.TrustNotFound(trust_id)
|
||||
|
||||
trusts = self.driver.list_trusts_for_trustor(
|
||||
trust['trustor_user_id'])
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue