Merge "change user access name limit from 32 to 255 characters"

2017-03-24 19:23:59 +00:00 · 2017-03-24 19:23:59 +00:00 · 5f53762f6f
commit 5f53762f6f
parent 2da1632b70 5887f25883
5 changed files with 12 additions and 7 deletions
--- a/manila/api/common.py
+++ b/manila/api/common.py
@ -334,10 +334,10 @@ def validate_common_name(access):


 def validate_username(access):
-    valid_username_re = '[\w\.\-_\`;\'\{\}\[\]\\\\]{4,32}$'
+    valid_username_re = '[\w\.\-_\`;\'\{\}\[\]\\\\]{4,255}$'
    username = access
    if not re.match(valid_username_re, username):
-        exc_str = ('Invalid user or group name. Must be 4-32 characters '
+        exc_str = ('Invalid user or group name. Must be 4-255 characters '
                   'and consist of alphanumeric characters and '
                   'special characters ]{.-_\'`;}[\\')
        raise webob.exc.HTTPBadRequest(explanation=exc_str)
--- a/manila/tests/api/v1/test_shares.py
+++ b/manila/tests/api/v1/test_shares.py
@ -778,7 +778,7 @@ class ShareActionsTest(test.TestCase):
    @ddt.data(
        {'access_type': 'ip', 'access_to': '127.0.0.1'},
        {'access_type': 'user', 'access_to': '1' * 4},
-        {'access_type': 'user', 'access_to': '1' * 32},
+        {'access_type': 'user', 'access_to': '1' * 255},
        {'access_type': 'user', 'access_to': 'fake\\]{.-_\'`;}['},
        {'access_type': 'user', 'access_to': 'MYDOMAIN\\Administrator'},
        {'access_type': 'cert', 'access_to': 'x'},
@ -812,7 +812,7 @@ class ShareActionsTest(test.TestCase):
        {'access_type': 'ip', 'access_to': '127.0.0.256'},
        {'access_type': 'user', 'access_to': '1'},
        {'access_type': 'user', 'access_to': '1' * 3},
-        {'access_type': 'user', 'access_to': '1' * 33},
+        {'access_type': 'user', 'access_to': '1' * 256},
        {'access_type': 'user', 'access_to': 'root^'},
        {'access_type': 'cert', 'access_to': ''},
        {'access_type': 'cert', 'access_to': ' '},
--- a/manila/tests/api/v2/test_shares.py
+++ b/manila/tests/api/v2/test_shares.py
@ -1771,7 +1771,7 @@ class ShareActionsTest(test.TestCase):
    @ddt.data(
        {'access_type': 'ip', 'access_to': '127.0.0.1'},
        {'access_type': 'user', 'access_to': '1' * 4},
-        {'access_type': 'user', 'access_to': '1' * 32},
+        {'access_type': 'user', 'access_to': '1' * 255},
        {'access_type': 'user', 'access_to': 'fake\\]{.-_\'`;}['},
        {'access_type': 'user', 'access_to': 'MYDOMAIN\\Administrator'},
        {'access_type': 'cert', 'access_to': 'x'},
@ -1803,7 +1803,7 @@ class ShareActionsTest(test.TestCase):
        {'access_type': 'ip', 'access_to': '127.0.0.256'},
        {'access_type': 'user', 'access_to': '1'},
        {'access_type': 'user', 'access_to': '1' * 3},
-        {'access_type': 'user', 'access_to': '1' * 33},
+        {'access_type': 'user', 'access_to': '1' * 256},
        {'access_type': 'user', 'access_to': 'root^'},
        {'access_type': 'cert', 'access_to': ''},
        {'access_type': 'cert', 'access_to': ' '},
--- a/manila_tempest_tests/tests/api/test_rules_negative.py
+++ b/manila_tempest_tests/tests/api/test_rules_negative.py
@ -229,7 +229,7 @@ class ShareUserRulesForNFSNegativeTest(base.BaseSharesTest):
    def test_create_access_rule_user_with_too_big_key(self, client_name):
        self.assertRaises(lib_exc.BadRequest,
                          getattr(self, client_name).create_access_rule,
-                          self.share["id"], "user", "a" * 33)
+                          self.share["id"], "user", "a" * 256)

    @tc.attr(base.TAG_NEGATIVE, base.TAG_API_WITH_BACKEND)
    @ddt.data('shares_client', 'shares_v2_client')
--- a/releasenotes/notes/bug-1674908-allow-user-access-fix-495b3e42bdc985ec.yaml
+++ b/releasenotes/notes/bug-1674908-allow-user-access-fix-495b3e42bdc985ec.yaml
@ -0,0 +1,5 @@
+---
+fixes:
+  - Changed user access name limit from 32 to 255 characters
+    since there are security services that allow user names
+    longer than 32 characters.