Merge "Disallow non-admin users update net's shared attribute"

This commit is contained in:
Jenkins 2014-02-10 09:08:19 +00:00 committed by Gerrit Code Review
commit ad5b8829ce
2 changed files with 12 additions and 0 deletions

View File

@ -35,6 +35,7 @@
"create_network:provider:segmentation_id": "rule:admin_only",
"update_network": "rule:admin_or_owner",
"update_network:segments": "rule:admin_only",
"update_network:shared": "rule:admin_only",
"update_network:provider:network_type": "rule:admin_only",
"update_network:provider:physical_network": "rule:admin_only",
"update_network:provider:segmentation_id": "rule:admin_only",

View File

@ -1730,6 +1730,17 @@ class TestNetworksV2(NeutronDbPluginV2TestCase):
res = self.deserialize(self.fmt, req.get_response(self.api))
self.assertTrue(res['network']['shared'])
def test_update_network_set_shared_owner_returns_404(self):
with self.network(shared=False) as network:
net_owner = network['network']['tenant_id']
data = {'network': {'shared': True}}
req = self.new_update_request('networks',
data,
network['network']['id'])
req.environ['neutron.context'] = context.Context('u', net_owner)
res = req.get_response(self.api)
self.assertEqual(res.status_int, webob.exc.HTTPNotFound.code)
def test_update_network_with_subnet_set_shared(self):
with self.network(shared=False) as network:
with self.subnet(network=network) as subnet: