Make sure we don't fail open on bad input to validate

Passing arbitrary dicts to validate does not validate that that's what we're sending to the API. Put in a validation check that the keys we're sending are the ones validate does something about. It's possible there is another param to validate we're not listing. If we hit a test that needs it, we can always add it. Change-Id: I75b24f4f640b7cf6ffebff494e1627569d74755a
2017-06-28 12:52:40 -05:00 · 2017-06-28 12:52:40 -05:00 · d1eea7a720
commit d1eea7a720
parent 10e6fbe44f
2 changed files with 7 additions and 1 deletions
--- a/shade/tests/unit/base.py
+++ b/shade/tests/unit/base.py
@ -535,6 +535,12 @@ class RequestsMockTestCase(BaseTestCase):
            key = '{method}|{uri}|{params}'.format(
                method=method, uri=uri, params=kw_params)
            validate = to_mock.pop('validate', {})
+            valid_keys = set(['json', 'headers', 'params'])
+            invalid_keys = set(validate.keys()) - valid_keys
+            if invalid_keys:
+                raise TypeError(
+                    "Invalid values passed to validate: {keys}".format(
+                        keys=invalid_keys))
            headers = structures.CaseInsensitiveDict(to_mock.pop('headers',
                                                                 {}))
            if 'content-type' not in headers:
--- a/shade/tests/unit/test_identity_roles.py
+++ b/shade/tests/unit/test_identity_roles.py
@ -91,7 +91,7 @@ class TestIdentityRoles(base.RequestsMockTestCase):
                 uri=self.get_mock_url(),
                 status_code=200,
                 json=role_data.json_response,
-                 validate=role_data.json_request),
+                 validate=dict(json=role_data.json_request)),
            dict(method='GET',
                 uri=self.get_mock_url(append=[role_data.role_id]),
                 status_code=200,