From: liyingjun <yingjun.li@kylin-cloud.com>
Date: Mon, 29 Jun 2015 01:49:34 +0000 (+0800)
Subject: Validate maximum limit for quota
X-Git-Url: https://review.fuel-infra.org/gitweb?a=commitdiff_plain;h=349ed36a7b560a30e86750674ede77dc987674a0;p=openstack-build%2Fcinder-build.git

Validate maximum limit for quota

Currently, when updating quota using limit larger than 0x7FFFFFFF,
there will be a DBError. The maximum limit needs to be validated.
And the maximum value is defined by SQL integer type INT, which
is a general value:
http://dev.mysql.com/doc/refman/5.0/en/integer-types.html
http://www.postgresql.org/docs/9.1/static/datatype-numeric.html

Change-Id: I3b4bd3badb84224bd8196c4fdd523c68310809de
Closes-bug: #1433052
---

diff --git a/cinder/api/contrib/quotas.py b/cinder/api/contrib/quotas.py
index ec0536957..937ce86cd 100644
--- a/cinder/api/contrib/quotas.py
+++ b/cinder/api/contrib/quotas.py
@@ -63,9 +63,15 @@ class QuotaSetsController(wsgi.Controller):
             msg = _("Quota limit must be specified as an integer value.")
             raise webob.exc.HTTPBadRequest(explanation=msg)
 
-        # NOTE: -1 is a flag value for unlimited
-        if limit < -1:
-            msg = _("Quota limit must be -1 or greater.")
+        # NOTE: -1 is a flag value for unlimited, maximum value is limited
+        # by SQL standard integer type `INT` which is `0x7FFFFFFF`, it's a
+        # general value for SQL, using a hardcoded value here is not a
+        # `nice` way, but it seems like the only way for now:
+        # http://dev.mysql.com/doc/refman/5.0/en/integer-types.html
+        # http://www.postgresql.org/docs/9.1/static/datatype-numeric.html
+        if limit < -1 or limit > db.MAX_INT:
+            msg = _("Quota limit must be in the range of -1 "
+                    "to %s.") % db.MAX_INT
             raise webob.exc.HTTPBadRequest(explanation=msg)
 
         return limit
diff --git a/cinder/db/api.py b/cinder/db/api.py
index 45a63b318..60c975c1a 100644
--- a/cinder/db/api.py
+++ b/cinder/db/api.py
@@ -66,6 +66,9 @@ _BACKEND_MAPPING = {'sqlalchemy': 'cinder.db.sqlalchemy.api'}
 
 IMPL = db_concurrency.TpoolDbapiWrapper(CONF, _BACKEND_MAPPING)
 
+# The maximum value a signed INT type may have
+MAX_INT = 0x7FFFFFFF
+
 
 ###################
 
diff --git a/cinder/tests/unit/api/contrib/test_quotas.py b/cinder/tests/unit/api/contrib/test_quotas.py
index 591389650..318386676 100644
--- a/cinder/tests/unit/api/contrib/test_quotas.py
+++ b/cinder/tests/unit/api/contrib/test_quotas.py
@@ -84,6 +84,10 @@ class QuotaSetsControllerTest(test.TestCase):
         result = self.controller.update(self.req, 'foo', body)
         self.assertDictMatch(result, body)
 
+        body = make_body(gigabytes=db.MAX_INT, tenant_id=None)
+        result = self.controller.update(self.req, 'foo', body)
+        self.assertDictMatch(result, body)
+
     def test_update_wrong_key(self):
         body = {'quota_set': {'bad': 'bad'}}
         self.assertRaises(webob.exc.HTTPBadRequest, self.controller.update,
@@ -113,6 +117,9 @@ class QuotaSetsControllerTest(test.TestCase):
         body = {'quota_set': {'gigabytes': -1000}}
         self.assertRaises(webob.exc.HTTPBadRequest, self.controller.update,
                           self.req, 'foo', body)
+        body = {'quota_set': {'gigabytes': db.MAX_INT + 1}}
+        self.assertRaises(webob.exc.HTTPBadRequest, self.controller.update,
+                          self.req, 'foo', body)
 
     def test_update_no_admin(self):
         self.req.environ['cinder.context'].is_admin = False