From 269a45a223c0b67972f3fe249fd2bbe2747dd70f Mon Sep 17 00:00:00 2001 From: thuva4 Date: Thu, 22 Feb 2018 09:57:30 +0530 Subject: prevent the delete/update for projects Prevent user from deleting or updating projects which are associated with testcases JIRA: RELENG-335 JIRA: RELENG-336 Change-Id: Ic0a8841a4632329f4b58aeb97cb93a91bacc2b06 Signed-off-by: thuva4 --- testapi/opnfv_testapi/common/check.py | 14 ++++++++++++++ testapi/opnfv_testapi/common/message.py | 4 ++++ 2 files changed, 18 insertions(+) (limited to 'testapi/opnfv_testapi/common') diff --git a/testapi/opnfv_testapi/common/check.py b/testapi/opnfv_testapi/common/check.py index 1a66dd7..7f866dd 100644 --- a/testapi/opnfv_testapi/common/check.py +++ b/testapi/opnfv_testapi/common/check.py @@ -47,6 +47,20 @@ def is_authorized(method): return wrapper +def is_allowed(method): + @functools.wraps(method) + def wrapper(self, *args, **kwargs): + if self.table == 'projects': + query_data = {} + query_data['project_name'] = kwargs.get('query')['name'] + data = yield dbapi.db_find_one('testcases', query_data) + if data: + raises.Unauthorized(message.tied_with_resource()) + ret = yield gen.coroutine(method)(self, *args, **kwargs) + raise gen.Return(ret) + return wrapper + + def valid_token(method): @functools.wraps(method) def wrapper(self, *args, **kwargs): diff --git a/testapi/opnfv_testapi/common/message.py b/testapi/opnfv_testapi/common/message.py index b92b7f0..7c62894 100644 --- a/testapi/opnfv_testapi/common/message.py +++ b/testapi/opnfv_testapi/common/message.py @@ -64,3 +64,7 @@ def must_int(name): def no_permission(): return 'You do not have permission to perform this action' + + +def tied_with_resource(): + return 'Selected resource is associated with other resources' -- cgit 1.2.3-korg