summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--testapi/opnfv_testapi/common/check.py14
-rw-r--r--testapi/opnfv_testapi/common/message.py4
-rw-r--r--testapi/opnfv_testapi/handlers/base_handlers.py2
-rw-r--r--testapi/opnfv_testapi/tests/unit/handlers/test_project.py17
4 files changed, 37 insertions, 0 deletions
diff --git a/testapi/opnfv_testapi/common/check.py b/testapi/opnfv_testapi/common/check.py
index 1a66dd7..7f866dd 100644
--- a/testapi/opnfv_testapi/common/check.py
+++ b/testapi/opnfv_testapi/common/check.py
@@ -47,6 +47,20 @@ def is_authorized(method):
return wrapper
+def is_allowed(method):
+ @functools.wraps(method)
+ def wrapper(self, *args, **kwargs):
+ if self.table == 'projects':
+ query_data = {}
+ query_data['project_name'] = kwargs.get('query')['name']
+ data = yield dbapi.db_find_one('testcases', query_data)
+ if data:
+ raises.Unauthorized(message.tied_with_resource())
+ ret = yield gen.coroutine(method)(self, *args, **kwargs)
+ raise gen.Return(ret)
+ return wrapper
+
+
def valid_token(method):
@functools.wraps(method)
def wrapper(self, *args, **kwargs):
diff --git a/testapi/opnfv_testapi/common/message.py b/testapi/opnfv_testapi/common/message.py
index b92b7f0..7c62894 100644
--- a/testapi/opnfv_testapi/common/message.py
+++ b/testapi/opnfv_testapi/common/message.py
@@ -64,3 +64,7 @@ def must_int(name):
def no_permission():
return 'You do not have permission to perform this action'
+
+
+def tied_with_resource():
+ return 'Selected resource is associated with other resources'
diff --git a/testapi/opnfv_testapi/handlers/base_handlers.py b/testapi/opnfv_testapi/handlers/base_handlers.py
index 537077d..ed4aeb2 100644
--- a/testapi/opnfv_testapi/handlers/base_handlers.py
+++ b/testapi/opnfv_testapi/handlers/base_handlers.py
@@ -179,6 +179,7 @@ class GenericApiHandler(web.RequestHandler):
@gen.coroutine
@check.not_exist
@check.is_authorized
+ @check.is_allowed
def _delete(self, data, query=None):
yield dbapi.db_delete(self.table, query)
self.finish_request()
@@ -189,6 +190,7 @@ class GenericApiHandler(web.RequestHandler):
@check.not_exist
@check.updated_one_not_exist
@check.is_authorized
+ @check.is_allowed
def _update(self, data, query=None, **kwargs):
data = self.table_cls.from_dict(data)
update_req = self._update_requests(data)
diff --git a/testapi/opnfv_testapi/tests/unit/handlers/test_project.py b/testapi/opnfv_testapi/tests/unit/handlers/test_project.py
index cbd1a4e..884dd68 100644
--- a/testapi/opnfv_testapi/tests/unit/handlers/test_project.py
+++ b/testapi/opnfv_testapi/tests/unit/handlers/test_project.py
@@ -12,6 +12,7 @@ import urllib
from opnfv_testapi.common import message
from opnfv_testapi.models import project_models
+from opnfv_testapi.models import testcase_models as tcm
from opnfv_testapi.tests.unit import executor
from opnfv_testapi.tests.unit.handlers import test_base as base
@@ -23,6 +24,9 @@ class TestProjectBase(base.TestBase):
'qtip-ssh test')
self.req_e = project_models.ProjectCreateRequest('functest',
'functest test')
+ self.testcase_d = tcm.TestcaseCreateRequest.from_dict(
+ self.load_json('testcase_d'))
+ self.project = 'qtip'
self.get_res = project_models.Project
self.list_res = project_models.Projects
self.update_res = project_models.Project
@@ -150,6 +154,13 @@ class TestProjectUpdate(TestProjectBase):
return self.req_d, self.req_d.name
@executor.mock_valid_lfid()
+ @executor.update(httplib.UNAUTHORIZED, message.tied_with_resource())
+ def test_updateNotAllowed(self):
+ self.create_help('/api/v1/projects/%s/cases', self.testcase_d, self.req_d.name)
+ req = project_models.ProjectUpdateRequest('apex', 'apex test')
+ return req, self.req_d.name
+
+ @executor.mock_valid_lfid()
@executor.update(httplib.OK, '_assert_update')
def test_success(self):
req = project_models.ProjectUpdateRequest('apex', 'apex test')
@@ -178,6 +189,12 @@ class TestProjectDelete(TestProjectBase):
return 'notFound'
@executor.mock_valid_lfid()
+ @executor.delete(httplib.UNAUTHORIZED, message.tied_with_resource())
+ def test_deleteNotAllowed(self):
+ self.create_help('/api/v1/projects/%s/cases', self.testcase_d, self.req_d.name)
+ return self.req_d.name
+
+ @executor.mock_valid_lfid()
@executor.delete(httplib.OK, '_assert_delete')
def test_success(self):
return self.req_d.name