openstack/adjutant
Code Issues Proposed changes

Merge "Reapprove now clears old tokens"

Browse Source
This commit is contained in:
Jenkins 2017-09-01 01:45:05 +00:00 committed by Gerrit Code Review
commit 1600a7bdf6
2 changed files with 49 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
adjutant/api/v1/tests/test_api_admin.py
View File

@ -625,6 +625,51 @@ class AdminAPITests(APITestCase):
response = self.client.post(url, data, format='json') response = self.client.post(url, data, format='json')
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
def test_reapprove_task_delete_tokens(self):
"""
Tests that a reapproved task will delete all of it's previous tokens.
"""
setup_temp_cache({}, {})
url = "/v1/actions/CreateProject"
data = {'project_name': "test_project", 'email': "test@example.com"}
response = self.client.post(url, data, format='json')
self.assertEqual(response.status_code, status.HTTP_200_OK)
headers = {
'project_name': "test_project",
'project_id': "test_project_id",
'roles': "admin,_member_",
'username': "test@example.com",
'user_id': "test_user_id",
'authenticated': True
}
new_task = Task.objects.all()[0]
url = "/v1/tasks/" + new_task.uuid
response = self.client.post(url, {'approved': True}, format='json',
headers=headers)
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertEqual(len(Token.objects.all()), 1)
new_token = Token.objects.all()[0]
url = "/v1/tokens/" + new_token.token
response = self.client.get(url, format='json')
self.assertEqual(response.status_code, status.HTTP_200_OK)
# Reapprove
url = "/v1/tasks/" + new_task.uuid
response = self.client.post(url, {'approved': True}, format='json',
headers=headers)
self.assertEqual(response.status_code, status.HTTP_200_OK)
# Old token no longer found
url = "/v1/tokens/" + new_token.token
response = self.client.get(url, format='json')
self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
self.assertEqual(len(Token.objects.all()), 1)
def test_task_update_unapprove(self): def test_task_update_unapprove(self):
""" """
Ensure task update doesn't work for approved actions. Ensure task update doesn't work for approved actions.

4
adjutant/api/v1/views.py
View File

@ -386,6 +386,10 @@ class TaskDetail(APIViewWithLogger):
'Update data and rerun pre_approve.']}, 'Update data and rerun pre_approve.']},
status=400) status=400)
if task.approved:
# Expire previously in use tokens
Token.objects.filter(task=task.uuid).delete()
# We approve the task before running actions, # We approve the task before running actions,
# that way if something goes wrong we know if it was approved, # that way if something goes wrong we know if it was approved,
# when it was approved, and who approved it last. Subsequent # when it was approved, and who approved it last. Subsequent