Feature 9015: check quotas for admin and return Unauthorize

author tierno <alfonso.tiernosepulveda@telefonica.com>

Thu, 28 May 2020 10:41:10 +0000 (10:41 +0000)

committer tierno <alfonso.tiernosepulveda@telefonica.com>

Wed, 3 Jun 2020 22:13:37 +0000 (22:13 +0000)
author tierno <alfonso.tiernosepulveda@telefonica.com>
Thu, 28 May 2020 10:41:10 +0000 (10:41 +0000)
committer tierno <alfonso.tiernosepulveda@telefonica.com>
Wed, 3 Jun 2020 22:13:37 +0000 (22:13 +0000)
diff --git a/osm_nbi/base_topic.py b/osm_nbi/base_topic.py

index e849bb8..1f7f5d4 100644 (file)
--- a/osm_nbi/base_topic.py
+++ b/osm_nbi/base_topic.py
@@ -114,7 +114,7 @@ class BaseTopic:
              DbException if project not found
              ValidationError if quota exceeded and not overridden
          """
-        if session["force"] or session["admin"]:
+        if session["force"]:
              return
          projects = session["project_id"]
          for project in projects:
@@ -124,7 +124,8 @@ class BaseTopic:
              count = self.db.count(self.topic, {"_admin.projects_read": pid})
              if count >= quota:
                  name = proj["name"]
-                raise ValidationError("{} quota ({}) exceeded for project {} ({})".format(self.topic, quota, name, pid))
+                raise ValidationError("quota ({}={}) exceeded for project {} ({})".format(self.topic, quota, name, pid),
+                                      http_code=HTTPStatus.UNAUTHORIZED)
  
      def _validate_input_new(self, input, force=False):
          """
diff --git a/osm_nbi/descriptor_topics.py b/osm_nbi/descriptor_topics.py

index fdf46e5..a5cc196 100644 (file)
--- a/osm_nbi/descriptor_topics.py
+++ b/osm_nbi/descriptor_topics.py
@@ -146,29 +146,27 @@ class DescriptorTopic(BaseTopic):
          :return: _id, None: identity of the inserted data; and None as there is not any operation
          """
  
-        try:
-            # Check Quota
-            self.check_quota(session)
+        # No needed to capture exceptions
+        # Check Quota
+        self.check_quota(session)
  
-            # _remove_envelop
-            if indata:
-                if "userDefinedData" in indata:
-                    indata = indata['userDefinedData']
+        # _remove_envelop
+        if indata:
+            if "userDefinedData" in indata:
+                indata = indata['userDefinedData']
  
-            # Override descriptor with query string kwargs
-            self._update_input_with_kwargs(indata, kwargs)
-            # uncomment when this method is implemented.
-            # Avoid override in this case as the target is userDefinedData, but not vnfd,nsd descriptors
-            # indata = DescriptorTopic._validate_input_new(self, indata, project_id=session["force"])
-
-            content = {"_admin": {"userDefinedData": indata}}
-            self.format_on_new(content, session["project_id"], make_public=session["public"])
-            _id = self.db.create(self.topic, content)
-            rollback.append({"topic": self.topic, "_id": _id})
-            self._send_msg("created", {"_id": _id})
-            return _id, None
-        except ValidationError as e:
-            raise EngineException(e, HTTPStatus.UNPROCESSABLE_ENTITY)
+        # Override descriptor with query string kwargs
+        self._update_input_with_kwargs(indata, kwargs)
+        # uncomment when this method is implemented.
+        # Avoid override in this case as the target is userDefinedData, but not vnfd,nsd descriptors
+        # indata = DescriptorTopic._validate_input_new(self, indata, project_id=session["force"])
+
+        content = {"_admin": {"userDefinedData": indata}}
+        self.format_on_new(content, session["project_id"], make_public=session["public"])
+        _id = self.db.create(self.topic, content)
+        rollback.append({"topic": self.topic, "_id": _id})
+        self._send_msg("created", {"_id": _id})
+        return _id, None
  
      def upload_content(self, session, _id, indata, kwargs, headers):
          """
diff --git a/osm_nbi/tests/test_admin_topics.py b/osm_nbi/tests/test_admin_topics.py

index d8a4e63..dce8710 100755 (executable)
--- a/osm_nbi/tests/test_admin_topics.py
+++ b/osm_nbi/tests/test_admin_topics.py
@@ -54,6 +54,7 @@ class Test_ProjectTopicAuth(TestCase):
          self.topic = ProjectTopicAuth(self.db, self.fs, self.msg, self.auth)
          self.fake_session = {"username": self.test_name, "project_id": (test_pid,), "method": None,
                               "admin": True, "force": False, "public": False, "allow_show_user_project_role": True}
+        self.topic.check_quota = Mock(return_value=None)  # skip quota
  
      def test_new_project(self):
          with self.subTest(i=1):
@@ -215,6 +216,7 @@ class Test_RoleTopicAuth(TestCase):
          self.topic = RoleTopicAuth(self.db, self.fs, self.msg, self.auth)
          self.fake_session = {"username": test_name, "project_id": (test_pid,), "method": None,
                               "admin": True, "force": False, "public": False, "allow_show_user_project_role": True}
+        self.topic.check_quota = Mock(return_value=None)  # skip quota
  
      def test_new_role(self):
          with self.subTest(i=1):
@@ -375,6 +377,7 @@ class Test_UserTopicAuth(TestCase):
          self.topic = UserTopicAuth(self.db, self.fs, self.msg, self.auth)
          self.fake_session = {"username": test_name, "project_id": (test_pid,), "method": None,
                               "admin": True, "force": False, "public": False, "allow_show_user_project_role": True}
+        self.topic.check_quota = Mock(return_value=None)  # skip quota
  
      def test_new_user(self):
          uid1 = str(uuid4())
@@ -598,6 +601,7 @@ class Test_CommonVimWimSdn(TestCase):
          self.topic.schema_edit = validation.wim_account_edit_schema
          self.fake_session = {"username": test_name, "project_id": (test_pid,), "method": None,
                               "admin": True, "force": False, "public": False, "allow_show_user_project_role": True}
+        self.topic.check_quota = Mock(return_value=None)  # skip quota
  
      def test_new_cvws(self):
          test_url = "http://0.0.0.0:0"
diff --git a/osm_nbi/tests/test_descriptor_topics.py b/osm_nbi/tests/test_descriptor_topics.py

index d012ac9..260104a 100755 (executable)
--- a/osm_nbi/tests/test_descriptor_topics.py
+++ b/osm_nbi/tests/test_descriptor_topics.py
@@ -85,6 +85,7 @@ class Test_VnfdTopic(TestCase):
          self.msg = Mock(msgbase.MsgBase())
          self.auth = Mock(authconn.Authconn(None, None, None))
          self.topic = VnfdTopic(self.db, self.fs, self.msg, self.auth)
+        self.topic.check_quota = Mock(return_value=None)  # skip quota
  
      def test_new_vnfd(self):
          did = db_vnfd_content["_id"]
@@ -531,6 +532,7 @@ class Test_NsdTopic(TestCase):
          self.msg = Mock(msgbase.MsgBase())
          self.auth = Mock(authconn.Authconn(None, None, None))
          self.topic = NsdTopic(self.db, self.fs, self.msg, self.auth)
+        self.topic.check_quota = Mock(return_value=None)  # skip quota
  
      def test_new_nsd(self):
          did = db_nsd_content["_id"]
author	tierno <alfonso.tiernosepulveda@telefonica.com>
	Thu, 28 May 2020 10:41:10 +0000 (10:41 +0000)
committer	tierno <alfonso.tiernosepulveda@telefonica.com>
	Wed, 3 Jun 2020 22:13:37 +0000 (22:13 +0000)
osm_nbi/base_topic.py		patch \| blob \| history
osm_nbi/descriptor_topics.py		patch \| blob \| history
osm_nbi/tests/test_admin_topics.py		patch \| blob \| history
osm_nbi/tests/test_descriptor_topics.py		patch \| blob \| history