Merge "Validate that data received from the ramdisk is a JSON object"

This commit is contained in:
Jenkins 2015-12-15 13:08:12 +00:00 committed by Gerrit Code Review
commit 84f8f0734b
3 changed files with 21 additions and 7 deletions

View File

@ -165,8 +165,11 @@ def version_root(version):
@convert_exceptions
def api_continue():
data = flask.request.get_json(force=True)
LOG.debug("/v1/continue got JSON %s", data)
if not isinstance(data, dict):
raise utils.Error(_('Invalid data: expected a JSON object, got %s') %
data.__class__.__name__)
LOG.debug("/v1/continue got JSON %s", data)
return flask.jsonify(process.process(data))

View File

@ -109,25 +109,31 @@ class TestApiIntrospect(BaseAPITest):
self.assertEqual(400, res.status_code)
class TestApiContinue(BaseAPITest):
@mock.patch.object(process, 'process', autospec=True)
class TestApiContinue(BaseAPITest):
def test_continue(self, process_mock):
# should be ignored
CONF.set_override('auth_strategy', 'keystone')
process_mock.return_value = {'result': 42}
res = self.app.post('/v1/continue', data='"JSON"')
res = self.app.post('/v1/continue', data='{"foo": "bar"}')
self.assertEqual(200, res.status_code)
process_mock.assert_called_once_with("JSON")
process_mock.assert_called_once_with({"foo": "bar"})
self.assertEqual({"result": 42}, json.loads(res.data.decode()))
@mock.patch.object(process, 'process', autospec=True)
def test_continue_failed(self, process_mock):
process_mock.side_effect = iter([utils.Error("boom")])
res = self.app.post('/v1/continue', data='"JSON"')
res = self.app.post('/v1/continue', data='{"foo": "bar"}')
self.assertEqual(400, res.status_code)
process_mock.assert_called_once_with("JSON")
process_mock.assert_called_once_with({"foo": "bar"})
self.assertEqual('boom', _get_error(res))
def test_continue_wrong_type(self, process_mock):
res = self.app.post('/v1/continue', data='42')
self.assertEqual(400, res.status_code)
self.assertEqual('Invalid data: expected a JSON object, got int',
_get_error(res))
self.assertFalse(process_mock.called)
class TestApiGetStatus(BaseAPITest):
@mock.patch.object(node_cache, 'get_node', autospec=True)

View File

@ -0,0 +1,5 @@
---
fixes:
- The data processing API endpoint now validates that data received from
the ramdisk is actually a JSON object instead of failing the internal error
later (issue https://bugs.launchpad.net/bugs/1525876).