From 3fa524067e604176da3f7f392e073e7617f553d9 Mon Sep 17 00:00:00 2001 From: xiexs Date: Fri, 24 Jun 2016 08:06:52 -0400 Subject: [PATCH] Add strict Boolean checking for quota show There is no strict boolean checking for the parameter "usage" of API /os-quota-sets, so that any invalid boolean value can be specified. This patch adds a strict checking for it to prevent invalid value, and adds tests for this change as well. Change-Id: I313b3bd495557a9d20ab954b37dd8162e34cf871 Closes-Bug: #1594261 --- cinder/api/contrib/quotas.py | 2 +- cinder/tests/unit/api/contrib/test_quotas.py | 11 +++++++++++ 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/cinder/api/contrib/quotas.py b/cinder/api/contrib/quotas.py index 5b458fb4d01..0af8496ea28 100644 --- a/cinder/api/contrib/quotas.py +++ b/cinder/api/contrib/quotas.py @@ -159,7 +159,7 @@ class QuotaSetsController(wsgi.Controller): target_project_id = id if not hasattr(params, '__call__') and 'usage' in params: - usage = strutils.bool_from_string(params['usage']) + usage = utils.get_bool_param('usage', params) else: usage = False diff --git a/cinder/tests/unit/api/contrib/test_quotas.py b/cinder/tests/unit/api/contrib/test_quotas.py index 5e58233c8a7..122a61bd5cf 100644 --- a/cinder/tests/unit/api/contrib/test_quotas.py +++ b/cinder/tests/unit/api/contrib/test_quotas.py @@ -188,6 +188,17 @@ class QuotaSetsControllerTest(QuotaSetsControllerTestBase): self.controller._get_quotas.assert_called_with( self.req.environ['cinder.context'], fake.PROJECT_ID, False) + def test_show_with_invalid_usage_param(self): + self.req.params = {'usage': 'InvalidBool'} + self.assertRaises(exception.InvalidParameterValue, + self.controller.show, + self.req, fake.PROJECT2_ID) + + def test_show_with_valid_usage_param(self): + self.req.params = {'usage': 'false'} + result = self.controller.show(self.req, fake.PROJECT_ID) + self.assertDictMatch(make_body(), result) + def test_update(self): body = make_body(gigabytes=2000, snapshots=15, volumes=5, backups=5, tenant_id=None)