enhanced role permission validation 80/9580/1
authortierno <alfonso.tiernosepulveda@telefonica.com>
Tue, 4 Aug 2020 12:48:15 +0000 (12:48 +0000)
committertierno <alfonso.tiernosepulveda@telefonica.com>
Wed, 12 Aug 2020 14:49:03 +0000 (14:49 +0000)
this commit avoid incompleted permission keys. For example command:
osm role-update --add "vim_accoun: true"
must fais, as it should be "vim_accounts: true"

Change-Id: Ib5a5d88ae35120e99a43c80d20ccf8b207701780
Signed-off-by: tierno <alfonso.tiernosepulveda@telefonica.com>
osm_nbi/admin_topics.py

index 998c12f..6e9f078 100644 (file)
@@ -1078,9 +1078,9 @@ class RoleTopicAuth(BaseTopic):
             if role_def[-1] == ":":
                 raise ValidationError("Operation cannot end with ':'")
 
-            role_def_matches = [op for op in operations if op.startswith(role_def)]
+            match = next((op for op in operations if op == role_def or op.startswith(role_def + ":")), None)
 
-            if len(role_def_matches) == 0:
+            if not match:
                 raise ValidationError("Invalid permission '{}'".format(role_def))
 
     def _validate_input_new(self, input, force=False):