From: tierno <alfonso.tiernosepulveda@telefonica.com>
Date: Tue, 4 Aug 2020 12:48:15 +0000 (+0000)
Subject: enhanced role permission validation
X-Git-Tag: v8.0.1rc1~3
X-Git-Url: https://osm.etsi.org/gitweb/?a=commitdiff_plain;h=bce146004ea0e10da51ab7a98b169d812a8afe03;hp=3ef02756b574db3cbdd9cc80198d1e2dc46c3f85;p=osm%2FNBI.git

enhanced role permission validation

this commit avoid incompleted permission keys. For example command:
osm role-update --add "vim_accoun: true"
must fais, as it should be "vim_accounts: true"

Change-Id: Ib5a5d88ae35120e99a43c80d20ccf8b207701780
Signed-off-by: tierno <alfonso.tiernosepulveda@telefonica.com>
---

diff --git a/osm_nbi/admin_topics.py b/osm_nbi/admin_topics.py
index 998c12f..6e9f078 100644
--- a/osm_nbi/admin_topics.py
+++ b/osm_nbi/admin_topics.py
@@ -1078,9 +1078,9 @@ class RoleTopicAuth(BaseTopic):
             if role_def[-1] == ":":
                 raise ValidationError("Operation cannot end with ':'")
 
-            role_def_matches = [op for op in operations if op.startswith(role_def)]
+            match = next((op for op in operations if op == role_def or op.startswith(role_def + ":")), None)
 
-            if len(role_def_matches) == 0:
+            if not match:
                 raise ValidationError("Invalid permission '{}'".format(role_def))
 
     def _validate_input_new(self, input, force=False):