From: PranaliDeore Date: Mon, 25 May 2015 09:14:26 +0000 (-0700) Subject: ConsistencyGroup: Return 400 instead of 500 for invalid body X-Git-Url: https://review.fuel-infra.org/gitweb?a=commitdiff_plain;h=299b99437c2de84222fd585f06c2d05ca213225b;p=openstack-build%2Fcinder-build.git ConsistencyGroup: Return 400 instead of 500 for invalid body If invalid request body is passed to the delete consistencygroups api, then it returns 500 error. Validated request body using 'is_valid_body()' method and also added validation to check 'force' is of bool type. APIImpact Closes-Bug: #1458868 Change-Id: Iaaa4409233bfed6ae3e67be5df8cc5ada28e054f --- diff --git a/cinder/api/contrib/consistencygroups.py b/cinder/api/contrib/consistencygroups.py index 68bcaa381..8e531f18a 100644 --- a/cinder/api/contrib/consistencygroups.py +++ b/cinder/api/contrib/consistencygroups.py @@ -16,6 +16,7 @@ """The consistencygroups api.""" from oslo_log import log as logging +from oslo_utils import strutils import webob from webob import exc @@ -154,8 +155,18 @@ class ConsistencyGroupsController(wsgi.Controller): context = req.environ['cinder.context'] force = False if body: + if not self.is_valid_body(body, 'consistencygroup'): + msg = _("Missing required element 'consistencygroup' in " + "request body.") + raise exc.HTTPBadRequest(explanation=msg) + cg_body = body['consistencygroup'] - force = cg_body.get('force', False) + try: + force = strutils.bool_from_string(cg_body.get('force', False), + strict=True) + except ValueError: + msg = _("Invalid value '%s' for force.") % force + raise exc.HTTPBadRequest(explanation=msg) LOG.info(_LI('Delete consistency group with id: %s'), id, context=context) diff --git a/cinder/tests/unit/api/contrib/test_consistencygroups.py b/cinder/tests/unit/api/contrib/test_consistencygroups.py index 77dd273c0..3524a104e 100644 --- a/cinder/tests/unit/api/contrib/test_consistencygroups.py +++ b/cinder/tests/unit/api/contrib/test_consistencygroups.py @@ -443,6 +443,42 @@ class ConsistencyGroupsAPITestCase(test.TestCase): cg['id']) self.assertEqual(cg['status'], 'deleted') + def test_delete_consistencygroup_with_invalid_body(self): + consistencygroup_id = self._create_consistencygroup(status='available') + req = webob.Request.blank('/v2/fake/consistencygroups/%s/delete' % + consistencygroup_id) + req.method = 'POST' + req.headers['Content-Type'] = 'application/json' + body = {"invalid_request_element": {"force": False}} + req.body = json.dumps(body) + res = req.get_response(fakes.wsgi_app()) + + self.assertEqual(400, res.status_int) + + def test_delete_consistencygroup_with_invalid_force_value_in_body(self): + consistencygroup_id = self._create_consistencygroup(status='available') + req = webob.Request.blank('/v2/fake/consistencygroups/%s/delete' % + consistencygroup_id) + req.method = 'POST' + req.headers['Content-Type'] = 'application/json' + body = {"consistencygroup": {"force": "abcd"}} + req.body = json.dumps(body) + res = req.get_response(fakes.wsgi_app()) + + self.assertEqual(400, res.status_int) + + def test_delete_consistencygroup_with_empty_force_value_in_body(self): + consistencygroup_id = self._create_consistencygroup(status='available') + req = webob.Request.blank('/v2/fake/consistencygroups/%s/delete' % + consistencygroup_id) + req.method = 'POST' + req.headers['Content-Type'] = 'application/json' + body = {"consistencygroup": {"force": ""}} + req.body = json.dumps(body) + res = req.get_response(fakes.wsgi_app()) + + self.assertEqual(400, res.status_int) + def test_create_consistencygroup_failed_no_volume_type(self): name = 'cg1' body = {"consistencygroup": {"name": name,