]> review.fuel-infra Code Review - openstack-build/cinder-build.git/commitdiff
Code Review / openstack-build / cinder-build.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: ef4d108)
Fix quota update validation for non-int types
authorRohan Kanade <rohan.kanade@nttdata.com>
Fri, 23 Aug 2013 10:15:12 +0000 (03:15 -0700)
committerRohan Kanade <rohan.kanade@nttdata.com>
Tue, 27 Aug 2013 06:51:34 +0000 (23:51 -0700)
Fixes lp bug #1215301

Change-Id: I4bf813579c128844884138ba49f074f81f96790a

cinder/api/contrib/quotas.py patch | blob | history
cinder/tests/api/contrib/test_quotas.py patch | blob | history

diff --git a/cinder/api/contrib/quotas.py b/cinder/api/contrib/quotas.py
index 81d51ce55e382479e26b2fed94bc6c3b7324bf6a..892861763bdbe0b16324f9d8a30d09cae1bc7fb7 100644 (file)
--- a/cinder/api/contrib/quotas.py
+++ b/cinder/api/contrib/quotas.py
@@ -58,6 +58,10 @@ class QuotaSetsController(object):
         return dict(quota_set=result)
 
     def _validate_quota_limit(self, limit):
+        if not isinstance(limit, int):
+            msg = _("Quota limit must be specified as an integer value.")
+            raise webob.exc.HTTPBadRequest(explanation=msg)
+
         # NOTE: -1 is a flag value for unlimited
         if limit < -1:
             msg = _("Quota limit must be -1 or greater.")
@@ -89,8 +93,8 @@ class QuotaSetsController(object):
         project_id = id
         for key in body['quota_set'].keys():
             if key in QUOTAS:
+                self._validate_quota_limit(body['quota_set'][key])
                 value = int(body['quota_set'][key])
-                self._validate_quota_limit(value)
                 try:
                     db.quota_update(context, project_id, key, value)
                 except exception.ProjectQuotaNotFound:
diff --git a/cinder/tests/api/contrib/test_quotas.py b/cinder/tests/api/contrib/test_quotas.py
index 7bef4f2411e51ed6bda89dc1a4315413b4b40612..549ec122318697db7ba99510d2336fe9262ca905 100644 (file)
--- a/cinder/tests/api/contrib/test_quotas.py
+++ b/cinder/tests/api/contrib/test_quotas.py
@@ -86,6 +86,11 @@ class QuotaSetsControllerTest(test.TestCase):
         result = self.controller.update(self.req, 'foo', body)
         self.assertDictMatch(result, make_body(tenant_id=None))
 
+    def test_update_invalid_key_value(self):
+        body = {'quota_set': {'gigabytes': "should_be_int"}}
+        self.assertRaises(webob.exc.HTTPBadRequest, self.controller.update,
+                          self.req, 'foo', body)
+
     def test_update_bad_quota_limit(self):
         body = {'quota_set': {'gigabytes': -1000}}
         self.assertRaises(webob.exc.HTTPBadRequest, self.controller.update,