From: tierno Date: Thu, 28 May 2020 10:41:10 +0000 (+0000) Subject: Feature 9015: check quotas for admin and return Unauthorize X-Git-Tag: release-v8.0-start~10 X-Git-Url: https://osm.etsi.org/gitweb/?p=osm%2FNBI.git;a=commitdiff_plain;h=refs%2Fchanges%2F30%2F9030%2F2;hp=974276d1b4e7fe9cf177702eb6d657aa42618a41 Feature 9015: check quotas for admin and return Unauthorize Change-Id: I856aea935c03d835fe22176c31c27bce15d59b12 Signed-off-by: tierno --- diff --git a/osm_nbi/base_topic.py b/osm_nbi/base_topic.py index e849bb8..1f7f5d4 100644 --- a/osm_nbi/base_topic.py +++ b/osm_nbi/base_topic.py @@ -114,7 +114,7 @@ class BaseTopic: DbException if project not found ValidationError if quota exceeded and not overridden """ - if session["force"] or session["admin"]: + if session["force"]: return projects = session["project_id"] for project in projects: @@ -124,7 +124,8 @@ class BaseTopic: count = self.db.count(self.topic, {"_admin.projects_read": pid}) if count >= quota: name = proj["name"] - raise ValidationError("{} quota ({}) exceeded for project {} ({})".format(self.topic, quota, name, pid)) + raise ValidationError("quota ({}={}) exceeded for project {} ({})".format(self.topic, quota, name, pid), + http_code=HTTPStatus.UNAUTHORIZED) def _validate_input_new(self, input, force=False): """ diff --git a/osm_nbi/descriptor_topics.py b/osm_nbi/descriptor_topics.py index fdf46e5..a5cc196 100644 --- a/osm_nbi/descriptor_topics.py +++ b/osm_nbi/descriptor_topics.py @@ -146,29 +146,27 @@ class DescriptorTopic(BaseTopic): :return: _id, None: identity of the inserted data; and None as there is not any operation """ - try: - # Check Quota - self.check_quota(session) + # No needed to capture exceptions + # Check Quota + self.check_quota(session) - # _remove_envelop - if indata: - if "userDefinedData" in indata: - indata = indata['userDefinedData'] + # _remove_envelop + if indata: + if "userDefinedData" in indata: + indata = indata['userDefinedData'] - # Override descriptor with query string kwargs - self._update_input_with_kwargs(indata, kwargs) - # uncomment when this method is implemented. - # Avoid override in this case as the target is userDefinedData, but not vnfd,nsd descriptors - # indata = DescriptorTopic._validate_input_new(self, indata, project_id=session["force"]) - - content = {"_admin": {"userDefinedData": indata}} - self.format_on_new(content, session["project_id"], make_public=session["public"]) - _id = self.db.create(self.topic, content) - rollback.append({"topic": self.topic, "_id": _id}) - self._send_msg("created", {"_id": _id}) - return _id, None - except ValidationError as e: - raise EngineException(e, HTTPStatus.UNPROCESSABLE_ENTITY) + # Override descriptor with query string kwargs + self._update_input_with_kwargs(indata, kwargs) + # uncomment when this method is implemented. + # Avoid override in this case as the target is userDefinedData, but not vnfd,nsd descriptors + # indata = DescriptorTopic._validate_input_new(self, indata, project_id=session["force"]) + + content = {"_admin": {"userDefinedData": indata}} + self.format_on_new(content, session["project_id"], make_public=session["public"]) + _id = self.db.create(self.topic, content) + rollback.append({"topic": self.topic, "_id": _id}) + self._send_msg("created", {"_id": _id}) + return _id, None def upload_content(self, session, _id, indata, kwargs, headers): """ diff --git a/osm_nbi/tests/test_admin_topics.py b/osm_nbi/tests/test_admin_topics.py index d8a4e63..dce8710 100755 --- a/osm_nbi/tests/test_admin_topics.py +++ b/osm_nbi/tests/test_admin_topics.py @@ -54,6 +54,7 @@ class Test_ProjectTopicAuth(TestCase): self.topic = ProjectTopicAuth(self.db, self.fs, self.msg, self.auth) self.fake_session = {"username": self.test_name, "project_id": (test_pid,), "method": None, "admin": True, "force": False, "public": False, "allow_show_user_project_role": True} + self.topic.check_quota = Mock(return_value=None) # skip quota def test_new_project(self): with self.subTest(i=1): @@ -215,6 +216,7 @@ class Test_RoleTopicAuth(TestCase): self.topic = RoleTopicAuth(self.db, self.fs, self.msg, self.auth) self.fake_session = {"username": test_name, "project_id": (test_pid,), "method": None, "admin": True, "force": False, "public": False, "allow_show_user_project_role": True} + self.topic.check_quota = Mock(return_value=None) # skip quota def test_new_role(self): with self.subTest(i=1): @@ -375,6 +377,7 @@ class Test_UserTopicAuth(TestCase): self.topic = UserTopicAuth(self.db, self.fs, self.msg, self.auth) self.fake_session = {"username": test_name, "project_id": (test_pid,), "method": None, "admin": True, "force": False, "public": False, "allow_show_user_project_role": True} + self.topic.check_quota = Mock(return_value=None) # skip quota def test_new_user(self): uid1 = str(uuid4()) @@ -598,6 +601,7 @@ class Test_CommonVimWimSdn(TestCase): self.topic.schema_edit = validation.wim_account_edit_schema self.fake_session = {"username": test_name, "project_id": (test_pid,), "method": None, "admin": True, "force": False, "public": False, "allow_show_user_project_role": True} + self.topic.check_quota = Mock(return_value=None) # skip quota def test_new_cvws(self): test_url = "http://0.0.0.0:0" diff --git a/osm_nbi/tests/test_descriptor_topics.py b/osm_nbi/tests/test_descriptor_topics.py index d012ac9..260104a 100755 --- a/osm_nbi/tests/test_descriptor_topics.py +++ b/osm_nbi/tests/test_descriptor_topics.py @@ -85,6 +85,7 @@ class Test_VnfdTopic(TestCase): self.msg = Mock(msgbase.MsgBase()) self.auth = Mock(authconn.Authconn(None, None, None)) self.topic = VnfdTopic(self.db, self.fs, self.msg, self.auth) + self.topic.check_quota = Mock(return_value=None) # skip quota def test_new_vnfd(self): did = db_vnfd_content["_id"] @@ -531,6 +532,7 @@ class Test_NsdTopic(TestCase): self.msg = Mock(msgbase.MsgBase()) self.auth = Mock(authconn.Authconn(None, None, None)) self.topic = NsdTopic(self.db, self.fs, self.msg, self.auth) + self.topic.check_quota = Mock(return_value=None) # skip quota def test_new_nsd(self): did = db_nsd_content["_id"]