change user access name limit from 32 to 255 characters

Currently, The user access name is limited to 32 characters in manila API service,
but actually the user access name is longer than 32 characters. so we need
to change user access name limit from 32 to 255 characters

APIImpact

Closes-bug: 1674908
Change-Id: I68d8afabcd3fef57e472b4067ea8949e0aa8f53a

manila/api/common.py

@@ -334,10 +334,10 @@ def validate_common_name(access):
 
 
 def validate_username(access):
-    valid_username_re = '[\w\.\-_\`;\'\{\}\[\]\\\\]{4,32}$'
+    valid_username_re = '[\w\.\-_\`;\'\{\}\[\]\\\\]{4,255}$'
     username = access
     if not re.match(valid_username_re, username):
-        exc_str = ('Invalid user or group name. Must be 4-32 characters '
+        exc_str = ('Invalid user or group name. Must be 4-255 characters '
                    'and consist of alphanumeric characters and '
                    'special characters ]{.-_\'`;}[\\')
         raise webob.exc.HTTPBadRequest(explanation=exc_str)

manila/tests/api/v1/test_shares.py

@@ -778,7 +778,7 @@ class ShareActionsTest(test.TestCase):
     @ddt.data(
         {'access_type': 'ip', 'access_to': '127.0.0.1'},
         {'access_type': 'user', 'access_to': '1' * 4},
-        {'access_type': 'user', 'access_to': '1' * 32},
+        {'access_type': 'user', 'access_to': '1' * 255},
         {'access_type': 'user', 'access_to': 'fake\\]{.-_\'`;}['},
         {'access_type': 'user', 'access_to': 'MYDOMAIN\\Administrator'},
         {'access_type': 'cert', 'access_to': 'x'},
@@ -812,7 +812,7 @@ class ShareActionsTest(test.TestCase):
         {'access_type': 'ip', 'access_to': '127.0.0.256'},
         {'access_type': 'user', 'access_to': '1'},
         {'access_type': 'user', 'access_to': '1' * 3},
-        {'access_type': 'user', 'access_to': '1' * 33},
+        {'access_type': 'user', 'access_to': '1' * 256},
         {'access_type': 'user', 'access_to': 'root^'},
         {'access_type': 'cert', 'access_to': ''},
         {'access_type': 'cert', 'access_to': ' '},

manila/tests/api/v2/test_shares.py

@@ -1771,7 +1771,7 @@ class ShareActionsTest(test.TestCase):
     @ddt.data(
         {'access_type': 'ip', 'access_to': '127.0.0.1'},
         {'access_type': 'user', 'access_to': '1' * 4},
-        {'access_type': 'user', 'access_to': '1' * 32},
+        {'access_type': 'user', 'access_to': '1' * 255},
         {'access_type': 'user', 'access_to': 'fake\\]{.-_\'`;}['},
         {'access_type': 'user', 'access_to': 'MYDOMAIN\\Administrator'},
         {'access_type': 'cert', 'access_to': 'x'},
@@ -1803,7 +1803,7 @@ class ShareActionsTest(test.TestCase):
         {'access_type': 'ip', 'access_to': '127.0.0.256'},
         {'access_type': 'user', 'access_to': '1'},
         {'access_type': 'user', 'access_to': '1' * 3},
-        {'access_type': 'user', 'access_to': '1' * 33},
+        {'access_type': 'user', 'access_to': '1' * 256},
         {'access_type': 'user', 'access_to': 'root^'},
         {'access_type': 'cert', 'access_to': ''},
         {'access_type': 'cert', 'access_to': ' '},

manila_tempest_tests/tests/api/test_rules_negative.py

@@ -229,7 +229,7 @@ class ShareUserRulesForNFSNegativeTest(base.BaseSharesTest):
     def test_create_access_rule_user_with_too_big_key(self, client_name):
         self.assertRaises(lib_exc.BadRequest,
                           getattr(self, client_name).create_access_rule,
-                          self.share["id"], "user", "a" * 33)
+                          self.share["id"], "user", "a" * 256)
 
     @tc.attr(base.TAG_NEGATIVE, base.TAG_API_WITH_BACKEND)
     @ddt.data('shares_client', 'shares_v2_client')

releasenotes/notes/bug-1674908-allow-user-access-fix-495b3e42bdc985ec.yaml

@@ -0,0 +1,5 @@
+---
+fixes:
+  - Changed user access name limit from 32 to 255 characters
+    since there are security services that allow user names
+    longer than 32 characters.