ConsistencyGroup: Return 400 instead of 500 for invalid body

If invalid request body is passed to the delete
consistencygroups api, then it returns 500 error.

Validated request body using 'is_valid_body()' method
and also added validation to check 'force' is of bool type.

APIImpact

Closes-Bug: #1458868
Change-Id: Iaaa4409233bfed6ae3e67be5df8cc5ada28e054f

diff --git a/cinder/api/contrib/consistencygroups.py b/cinder/api/contrib/consistencygroups.py
index 68bcaa38172b207167b70c9e88f2b9cb1e6ced54..8e531f18a468477dbadfa56888cc6b81b5b73831 100644 (file)
--- a/cinder/api/contrib/consistencygroups.py
+++ b/cinder/api/contrib/consistencygroups.py
@@ -16,6 +16,7 @@
 """The consistencygroups api."""
 
 from oslo_log import log as logging
+from oslo_utils import strutils
 import webob
 from webob import exc
 
@@ -154,8 +155,18 @@ class ConsistencyGroupsController(wsgi.Controller):
         context = req.environ['cinder.context']
         force = False
         if body:
+            if not self.is_valid_body(body, 'consistencygroup'):
+                msg = _("Missing required element 'consistencygroup' in "
+                        "request body.")
+                raise exc.HTTPBadRequest(explanation=msg)
+
             cg_body = body['consistencygroup']
-            force = cg_body.get('force', False)
+            try:
+                force = strutils.bool_from_string(cg_body.get('force', False),
+                                                  strict=True)
+            except ValueError:
+                msg = _("Invalid value '%s' for force.") % force
+                raise exc.HTTPBadRequest(explanation=msg)
 
         LOG.info(_LI('Delete consistency group with id: %s'), id,
                  context=context)

diff --git a/cinder/tests/unit/api/contrib/test_consistencygroups.py b/cinder/tests/unit/api/contrib/test_consistencygroups.py
index 77dd273c01c3b0ebde10cd71fe82e73bfabd94ef..3524a104ec09b19b9f028006e1b22f0da8b14279 100644 (file)
--- a/cinder/tests/unit/api/contrib/test_consistencygroups.py
+++ b/cinder/tests/unit/api/contrib/test_consistencygroups.py
@@ -443,6 +443,42 @@ class ConsistencyGroupsAPITestCase(test.TestCase):
             cg['id'])
         self.assertEqual(cg['status'], 'deleted')
 
+    def test_delete_consistencygroup_with_invalid_body(self):
+        consistencygroup_id = self._create_consistencygroup(status='available')
+        req = webob.Request.blank('/v2/fake/consistencygroups/%s/delete' %
+                                  consistencygroup_id)
+        req.method = 'POST'
+        req.headers['Content-Type'] = 'application/json'
+        body = {"invalid_request_element": {"force": False}}
+        req.body = json.dumps(body)
+        res = req.get_response(fakes.wsgi_app())
+
+        self.assertEqual(400, res.status_int)
+
+    def test_delete_consistencygroup_with_invalid_force_value_in_body(self):
+        consistencygroup_id = self._create_consistencygroup(status='available')
+        req = webob.Request.blank('/v2/fake/consistencygroups/%s/delete' %
+                                  consistencygroup_id)
+        req.method = 'POST'
+        req.headers['Content-Type'] = 'application/json'
+        body = {"consistencygroup": {"force": "abcd"}}
+        req.body = json.dumps(body)
+        res = req.get_response(fakes.wsgi_app())
+
+        self.assertEqual(400, res.status_int)
+
+    def test_delete_consistencygroup_with_empty_force_value_in_body(self):
+        consistencygroup_id = self._create_consistencygroup(status='available')
+        req = webob.Request.blank('/v2/fake/consistencygroups/%s/delete' %
+                                  consistencygroup_id)
+        req.method = 'POST'
+        req.headers['Content-Type'] = 'application/json'
+        body = {"consistencygroup": {"force": ""}}
+        req.body = json.dumps(body)
+        res = req.get_response(fakes.wsgi_app())
+
+        self.assertEqual(400, res.status_int)
+
     def test_create_consistencygroup_failed_no_volume_type(self):
         name = 'cg1'
         body = {"consistencygroup": {"name": name,