File 0001-Fix-error-when-downloading-image-status-is-not-activ.patch of Package openstack-glance
From 5c68f25ca7c2697551b49d61c7ff7bfbc7103ded Mon Sep 17 00:00:00 2001
From: Darja Shakhray <dshakhray@mirantis.com>
Date: Mon, 28 Sep 2015 21:10:05 +0300
Subject: [PATCH] Fix error when downloading image status is not active
Added check image_status when downloading image.
Change-Id: I39d49ea8a828863fdf4d5efc98126a9009e4b098
Closes-bug: #1472449
(cherry picked from commit d4d94b290ceb9147dd285822e201dd85ce812ef0)
---
glance/api/v2/image_data.py | 7 +++---
glance/tests/functional/test_cache_middleware.py | 4 ++--
glance/tests/functional/v2/test_images.py | 2 +-
glance/tests/unit/v2/test_image_data_resource.py | 29 +++++++++++++++++++++---
4 files changed, 33 insertions(+), 9 deletions(-)
diff --git a/glance/api/v2/image_data.py b/glance/api/v2/image_data.py
index 78f7718..dcf1ccb 100644
--- a/glance/api/v2/image_data.py
+++ b/glance/api/v2/image_data.py
@@ -183,9 +183,10 @@ class ImageDataController(object):
image_repo = self.gateway.get_repo(req.context)
try:
image = image_repo.get(image_id)
- if image.status == 'deactivated':
- msg = _('The requested image has been deactivated. '
- 'Image data download is forbidden.')
+ if (image.status != 'active' and (image.status != 'deactivated'
+ or not req.context.is_admin)):
+ msg = _('The requested image is in status %s. '
+ 'Image data download is forbidden.') % image.status
raise exception.Forbidden(message=msg)
if not image.locations:
raise exception.ImageDataNotFound()
diff --git a/glance/tests/functional/test_cache_middleware.py b/glance/tests/functional/test_cache_middleware.py
index 995e8e7..2a9fd96 100644
--- a/glance/tests/functional/test_cache_middleware.py
+++ b/glance/tests/functional/test_cache_middleware.py
@@ -386,12 +386,12 @@ class BaseCacheMiddlewareTest(object):
response, content = http.request(path, 'GET')
self.assertEqual(403, response.status)
- # Download the image with v2. Ensure it is forbidden
+ # Download the image with v2.
path = "http://%s:%d/v2/images/%s/file" % ("127.0.0.1", self.api_port,
image_id)
http = httplib2.Http()
response, content = http.request(path, 'GET')
- self.assertEqual(403, response.status)
+ self.assertEqual(200, response.status)
# Reactivate the image using v2
path = "http://%s:%d/v2/images/%s/actions/reactivate"
diff --git a/glance/tests/functional/v2/test_images.py b/glance/tests/functional/v2/test_images.py
index 3f9903c..d857937 100644
--- a/glance/tests/functional/v2/test_images.py
+++ b/glance/tests/functional/v2/test_images.py
@@ -383,7 +383,7 @@ class TestImages(functional.FunctionalTest):
path = self._url('/v2/images/%s/file' % image_id)
headers = self._headers()
response = requests.get(path, headers=headers)
- self.assertEqual(204, response.status_code)
+ self.assertEqual(403, response.status_code)
def _verify_image_checksum_and_status(checksum, status):
# Checksum should be populated and status should be active
diff --git a/glance/tests/unit/v2/test_image_data_resource.py b/glance/tests/unit/v2/test_image_data_resource.py
index 73325f5..37c1953 100644
--- a/glance/tests/unit/v2/test_image_data_resource.py
+++ b/glance/tests/unit/v2/test_image_data_resource.py
@@ -106,6 +106,7 @@ class TestImagesController(base.StoreClearingUnitTest):
def test_download(self):
request = unit_test_utils.get_fake_request()
image = FakeImage('abcd',
+ status='active',
locations=[{'url': 'http://example.com/image',
'metadata': {}, 'status': 'active'}])
self.image_repo.result = image
@@ -113,7 +114,7 @@ class TestImagesController(base.StoreClearingUnitTest):
self.assertEqual(image.image_id, 'abcd')
def test_download_deactivated(self):
- request = unit_test_utils.get_fake_request()
+ request = unit_test_utils.get_fake_request(is_admin=False)
image = FakeImage('abcd',
status='deactivated',
locations=[{'url': 'http://example.com/image',
@@ -122,9 +123,31 @@ class TestImagesController(base.StoreClearingUnitTest):
self.assertRaises(webob.exc.HTTPForbidden, self.controller.download,
request, str(uuid.uuid4()))
+ request = unit_test_utils.get_fake_request(is_admin=True)
+ image = FakeImage('abcd',
+ status='deactivated',
+ locations=[{'url': 'http://example.com/image',
+ 'metadata': {}, 'status': 'active'}])
+ self.image_repo.result = image
+ image = self.controller.download(request, unit_test_utils.UUID1)
+ self.assertEqual('abcd', image.image_id)
+
+ def test_download_is_not_active(self):
+ state = ['queued', 'deleted', 'saving', 'killed', 'pending_delete']
+ for st in state:
+ request = unit_test_utils.get_fake_request()
+ image = FakeImage('abcd',
+ status=st,
+ locations=[{'url': 'http://example.com/image',
+ 'metadata': {}, 'status': 'active'}])
+ self.image_repo.result = image
+ self.assertRaises(webob.exc.HTTPForbidden,
+ self.controller.download,
+ request, str(uuid.uuid4()))
+
def test_download_no_location(self):
request = unit_test_utils.get_fake_request()
- self.image_repo.result = FakeImage('abcd')
+ self.image_repo.result = FakeImage('abcd', status='active')
self.assertRaises(webob.exc.HTTPNoContent, self.controller.download,
request, unit_test_utils.UUID2)
@@ -146,7 +169,7 @@ class TestImagesController(base.StoreClearingUnitTest):
raise exception.Forbidden()
request = unit_test_utils.get_fake_request()
- image = FakeImage('abcd')
+ image = FakeImage('abcd', status='active')
self.image_repo.result = image
image.locations = ImageLocations()
self.assertRaises(webob.exc.HTTPForbidden, self.controller.download,
--
2.6.0